24.10 BE upgrade CRL errors

Started by Steve, October 17, 2024, 05:07:01 PM

Previous topic - Next topic
Print
Go Down Pages 1 2 3
User actions
November 08, 2024, 02:18:16 PM #30
Is from updates, not a fresh install. Literally upgraded to 24.10_7 last night and it happened immediately.

I had HTTP_PROXY and HTTPS_PROXY set in the configd template and neither the gui nor update-crl-fetch.py worked. Adding http_proxy and https_proxy in the configd template made update-crl-fetch.py work, but the gui still not. Removing the file from /tmp made no difference - it would just be recreated. I ticked the Auto add CRLs tickbox and went to sleep, and when I woke up it was fixed.

I think that when I looked at the contents of the file, it just contained:

Code Select
# [i] fetch certificate for https://opnsense-update.deciso.com

November 08, 2024, 02:29:54 PM #31
Ok probably have to see why the lowercase is better but we did look at the Python code and it said:

https://tedboy.github.io/python_stdlib/_modules/urllib.html#getproxies_environment
November 08, 2024, 02:47:49 PM #32
I tested and it indeed uses both vars no matter what case the environment var was in (even mixed works). Leads me to believe there may have been a typo in the original ones? Or the environment setup is not correct in configd (misses one?).
November 08, 2024, 03:01:47 PM #33
Also added https://github.com/opnsense/core/commit/a86c7106ed to verify proxy.conf was added properly and it was (as documented). The only caveat is that configd needs to be restarted when adding/editing/removing the file.

# service configd restart
# configctl configd environment


Cheers,
Franco
Print
Go Up Pages 1 2 3
User actions