cpanel_uapi.sh, Error in argument 1, char 2: option not found r

Post a reply

Confirmation code
Enter the code exactly as it appears. All letters are case insensitive.
Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON

Topic review
   

Expand view Topic review: cpanel_uapi.sh, Error in argument 1, char 2: option not found r

Re: cpanel_uapi.sh, Error in argument 1, char 2: option not found r

by Santeri » 2018-6-18 15:04

GeoffatMM wrote:
2018-6-18 08:13
One last question, when I was doing it manually on sslforfree, I had an account where I could review all my certificates. Now I am raising the certificates direct with lets encrypt so is there a way for me to review the certificates I have raised somehow? Letsencrypt does not appear to let me set up an account?
You don't need an account for that. You can use your hosting provider's cpanel to review all your certificates.

I am happy you got it working. Hopefully Neil will soon approve my pull request for the fix so that I can finally delete my github account.

Cheers,

Santeri

Re: cpanel_uapi.sh, Error in argument 1, char 2: option not found r

by GeoffatMM » 2018-6-18 08:13

Hi Santeri

My apologies. I removed the comments and just by chance the cron actioned immediately after I had done so. It forced a new certificate and then successfully deployed it. You help and patience are much appreciated.

One last question, when I was doing it manually on sslforfree, I had an account where I could review all my certificates. Now I am raising the certificates direct with lets encrypt so is there a way for me to review the certificates I have raised somehow? Letsencrypt does not appear to let me set up an account?

My thanks again.

Geoff

Re: cpanel_uapi.sh, Error in argument 1, char 2: option not found r

by Santeri » 2018-6-15 15:44

GeoffatMM wrote:
2018-6-15 07:27
Tried your code and still would not work for me. Cron is forcing the certificate to be issued but it will not deploy it.
You are messing up with the comments. You commented out the function that takes care of urlencoding and that's why the script fails. Please copy the file fully as it is and don't try to edit it. Comments in the code don't hurt anything.

Santeri

Re: cpanel_uapi.sh, Error in argument 1, char 2: option not found r

by GeoffatMM » 2018-6-15 07:27

Hi Santeri,

Tried your code and still would not work for me. Cron is forcing the certificate to be issued but it will not deploy it.

Here is the certificate cron:

"/home/xorex/.acme.sh"/acme.sh --force --issue -d mbdnet.net -w ~/www --dns dns_gd

I am only forcing it to ensure it actually generates a new certificate while I am testing it. Here are the results:

[Fri Jun 15 00:00:03 MST 2018] Single domain='mbdnet.net'
[Fri Jun 15 00:00:03 MST 2018] Getting domain auth token for each domain
[Fri Jun 15 00:00:03 MST 2018] Getting webroot for domain='mbdnet.net'
[Fri Jun 15 00:00:03 MST 2018] Getting new-authz for domain='mbdnet.net'
[Fri Jun 15 00:00:05 MST 2018] The new-authz request is ok.
[Fri Jun 15 00:00:05 MST 2018] mbdnet.net is already verified, skip http-01.
[Fri Jun 15 00:00:05 MST 2018] Verify finished, start to sign.
[Fri Jun 15 00:00:09 MST 2018] Cert success.
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISBOqR1yM4638Ivj8Bmx6/BhOmMA0GCSqGSIb3DQEBCwUA
................................................................................................
Full cert data not included
................................................................................................
86XnhYY9Dj3pJ/UxnByvR40xUa89zYoZ7V9XMm7R3d0ZtNOOffDgbLC0hD4sUWfu
XEE=
-----END CERTIFICATE-----
[Fri Jun 15 00:00:09 MST 2018] Your cert is in /home/xorex/.acme.sh/mbdnet.net/mbdnet.net.cer
[Fri Jun 15 00:00:09 MST 2018] Your cert key is in /home/xorex/.acme.sh/mbdnet.net/mbdnet.net.key
[Fri Jun 15 00:00:10 MST 2018] The intermediate CA cert is in /home/xorex/.acme.sh/mbdnet.net/ca.cer
[Fri Jun 15 00:00:10 MST 2018] And the full chain certs is there: /home/xorex/.acme.sh/mbdnet.net/fullchain.cer

Here is the deploy cron:

"/home/xorex/.acme.sh"/acme.sh --deploy -d mbdnet.net --deploy-hook cpanel_uapi

And here are the results:

/home/xorex/.acme.sh/deploy/cpanel_uapi.sh: line 34: _cpanel_uapi_urlencode: command not found
/home/xorex/.acme.sh/deploy/cpanel_uapi.sh: line 35: _cpanel_uapi_urlencode: command not found
[Fri Jun 15 00:05:22 MST 2018] Error in deploying certificate:
[Fri Jun 15 00:05:22 MST 2018] ---
apiversion: 3
func: install_ssl
module: SSL
result:
data: ~
errors:
- No 'cert' argument specified.
messages: ~
metadata: {}

status: 0
[Fri Jun 15 00:05:22 MST 2018] Error deploy for domain:mbdnet.net
[Fri Jun 15 00:05:22 MST 2018] Deploy error.

Here is the cpanel_uapi.sh code which sits in the subdirectory of "deploy" beneath the directory ".acme.sh" which holds acme.sh. I have added myself as root and commented out your private function.

#!/bin/bash
# Here is the script to deploy the cert to your cpanel using the cpanel API.
# Uses command line uapi. --user option is needed only if run as root.
# Returns 0 when success.
# Written by Santeri Kannisto <santeri.kannisto@2globalnomads.info>
# Public domain, 2017

export DEPLOY_CPANEL_USER=xorex@mbdnet.net

######## Public functions #####################

#domain keyfile certfile cafile fullchain

cpanel_uapi_deploy() {
_cdomain="$1"
_ckey="$2"
_ccert="$3"
_cca="$4"
_cfullchain="$5"

_debug _cdomain "$_cdomain"
_debug _ckey "$_ckey"
_debug _ccert "$_ccert"
_debug _cca "$_cca"
_debug _cfullchain "$_cfullchain"

if ! _exists uapi; then
_err "The command uapi is not found."
return 1
fi
# read cert and key files and urlencode both
_certstr=$(cat "$_ccert")
_keystr=$(cat "$_ckey")
_cert=$(_cpanel_uapi_urlencode "$_certstr")
_key=$(_cpanel_uapi_urlencode "$_keystr")

_debug _cert "$_cert"
_debug _key "$_key"

if [ "$(id -u)" = 0 ]; then
if [ -z "$DEPLOY_CPANEL_USER" ]; then
_err "It seems that you are root, please define the target user name: export DEPLOY_CPANEL_USER=username"
return 1
fi
_savedomainconf DEPLOY_CPANEL_USER "$DEPLOY_CPANEL_USER"
_response=$(uapi --user="$DEPLOY_CPANEL_USER" SSL install_ssl domain="$_cdomain" cert="$_cert" key="$_key")
else
_response=$(uapi SSL install_ssl domain="$_cdomain" cert="$_cert" key="$_key")
fi
error_response="status: 0"
if test "${_response#*$error_response}" != "$_response"; then
_err "Error in deploying certificate:"
_err "$_response"
return 1
fi

_debug response "$_response"
_info "Certificate successfully deployed"
return 0
}

######## Private functions below #####################

#_cpanel_uapi_urlencode() {
# printf "%s" "$1" \
# | tr "\\r\\n" "\\a" \
# | sed -e 's/%/%25/g' -e 's/ /%20/g' -e 's/\!/%21/g' -e 's/"/%22/g' -e 's/#/%23/g' -e 's/\$/%24/g' -e 's/&/%26/g' -e 's/'\''/%27/g' -e 's/(/%28/g' -e 's/)/%29/g' -e 's/\*/%2A/g' -e 's/+/%2B/g' -e #'s/,/%2C/g' -e 's/\./%2E/g' -e 's/\//%2F/g' -e 's/:/%3A/g' -e 's/;/%3B/g' -e 's/</%3C/g' -e 's/=/%3D/g' -e 's/>/%3E/g' -e 's/?/%3F/g' -e 's/@/%40/g' -e 's/\[/%5B/g' -e 's/\\/%5C/g' -e 's/\]/%5D/g' -e #'s/\^/%5E/g' -e 's/_/%5F/g' -e 's/`/%60/g' -e 's/{/%7B/g' -e 's/|/%7C/g' -e 's/}/%7D/g' -e 's/~/%7E/g' -e 's/\a/%0A/g' --posix # convert newlines to audible bell so that that sed can handle the input #without using non-POSIX extensions and then urlencode characters
#}



It looks to me as if it is finding acme.sh but unable to find the cpanel_uapi.sh file for some reason? OR it is finding it but not finding the _cpanel_uapi_urlencode command?

When I ssh in to use the command in cron for deploy, it gives exactly the same result and output so I must have done something wrong!.

Hope you can help.

Geoff

Re: cpanel_uapi.sh, Error in argument 1, char 2: option not found r

by Santeri » 2018-6-13 21:46

Hi Geoff,

Lines starting with # are comments and you can safely delete them if you want but you don't have to.
I will also have to uncomment the export DEPLOY_CPANEL_USER=xxxxxxx for it to work.
Uncomment that and add your CPANEL username only if you run acme.sh as root. Otherwise leave it as it is: a comment in code.

Santeri

Re: cpanel_uapi.sh, Error in argument 1, char 2: option not found r

by Geoffat MM » 2018-6-13 09:17

Hi again Santeri,

I assume I can ignore the code below the

######## Private functions below #####################

When I use the code?

Geoff

Re: cpanel_uapi.sh, Error in argument 1, char 2: option not found r

by GeoffatMM » 2018-6-13 09:09

Hi

I have exactly the same problem.

I will try your code. I will also have to uncomment the export DEPLOY_CPANEL_USER=xxxxxxx for it to work.

I will get back and let you know if it fixes the problem for me.

Thanks

Geoff

Re: cpanel_uapi.sh, Error in argument 1, char 2: option not found r

by Santeri » 2018-6-2 21:47

UPDATE on 2018-06-28: Changed the script to use acme.sh internal url encode function instead of sed. The pull request is now merged to acme.sh. Thanks, Neil!

I managed to remove php dependency by using sed for urlencode. Here is the POSIX code I have just submitted to acme.sh repository. Hopefully Neil will add it and we get this nasty bug squashed. Meanwhile, please test it and let me know how it works for you. I didn't encounter issues when I deployed it those web servers I am maintaining, but that does not prove anything.

Code: Select all

#!/usr/bin/env sh
# Here is the script to deploy the cert to your cpanel using the cpanel API.
# Uses command line uapi.  --user option is needed only if run as root.
# Returns 0 when success.
#
# Please note that I am no longer using Github. If you want to report an issue
# or contact me, visit https://forum.webseodesigners.com/web-design-seo-and-hosting-f16/
#
# Written by Santeri Kannisto <santeri.kannisto@webseodesigners.com>
# Public domain, 2017-2018

#export DEPLOY_CPANEL_USER=myusername

########  Public functions #####################

#domain keyfile certfile cafile fullchain

cpanel_uapi_deploy() {
  _cdomain="$1"
  _ckey="$2"
  _ccert="$3"
  _cca="$4"
  _cfullchain="$5"

  _debug _cdomain "$_cdomain"
  _debug _ckey "$_ckey"
  _debug _ccert "$_ccert"
  _debug _cca "$_cca"
  _debug _cfullchain "$_cfullchain"

  if ! _exists uapi; then
    _err "The command uapi is not found."
    return 1
  fi
  # read cert and key files and urlencode both
  _cert=$(cat "$_ccert" | _url_encode)
  _key=$(cat "$_ckey" | _url_encode)

  _debug _cert "$_cert"
  _debug _key "$_key"

  if [ "$(id -u)" = 0 ]; then
    if [ -z "$DEPLOY_CPANEL_USER" ]; then
      _err "It seems that you are root, please define the target user name: export DEPLOY_CPANEL_USER=username"
      return 1
    fi
    _savedomainconf DEPLOY_CPANEL_USER "$DEPLOY_CPANEL_USER"
    _response=$(uapi --user="$DEPLOY_CPANEL_USER" SSL install_ssl domain="$_cdomain" cert="$_cert" key="$_key")
  else
    _response=$(uapi SSL install_ssl domain="$_cdomain" cert="$_cert" key="$_key")
  fi
  error_response="status: 0"
  if test "${_response#*$error_response}" != "$_response"; then
    _err "Error in deploying certificate:"
    _err "$_response"
    return 1
  fi

  _debug response "$_response"
  _info "Certificate successfully deployed"
  return 0
}
Thanks Dominic and happy hacking,

Santeri

Re: cpanel_uapi.sh, Error in argument 1, char 2: option not found r

by Santeri » 2018-6-2 06:12

THIS FIX IS OBSOLETE AS IT IS NOT POSIX AND IT WILL NOT BE MERGED TO ACME.SH. IT WAS A TEMPORARY WORKAROUND WHILE I WAS WORKING WITH THE FINAL FIX. PLEASE USE THE POSIX SCRIPT THAT IS AVAILABLE BELOW THIS POST.

I rewrote the deployment script using a bash function for urlencode. Please replace your cpanel_uapi.sh with this one and see if it works for you. This solution is universal and does not depend on the hosting provider.

Code: Select all

REMOVED
Thanks for testing!

Re: cpanel_uapi.sh, Error in argument 1, char 2: option not found r

by Santeri » 2018-6-2 05:36

domgarofalo wrote:
2018-6-2 05:22
line 31 - if ! _exists /usr/local/bin/php; then
line 38 - _cert=$(/usr/local/bin/php -r "echo urlencode(\"$_certstr\");")
line 39 - _key=$(/usr/local/bin/php -r "echo urlencode(\"$_keystr\");”)
Good that you got a workaround. This bug was reported 30 days ago and I am fixing it now. Thanks for pointing it out!

GoDaddy has currently multiple instances of PHP available and cron uses a different version than command line. PHP option -r is not available on the version cron uses and therefore urlencode fails.

Hard coding the php path is not an universal solution as it works only 1) on that particular server and 2) until GoDaddy updates PHP or changes it's location. You can use it as a temporary fix but don't rely on it to work on the long run. I will search for alternative ways to make the coding. Adding hard coded paths to acme.sh code is not an option as people use acme.sh in various environments and not only on GoDaddy.

Top