Skip to content

sympl-ssl dies when trying to manually select first certificate set (undefined method `name' for nil:NilClass - other.name)

Summary

(Summarize the bug encountered concisely)

As discussed in the forum, I've had some trouble with sympl-ssl and third party ssl certificates.

Having created a certificate set and filled it with certificates (config/ssl/sets/[set_name]/ssl.*), I'm unable to select it by using sudo sympl-ssl [subdomain.example.com] --verbose --select [set_name] as it dies with an undefined method error.

certificate_set.rb:82:in `<=>': undefined method `name' for nil:NilClass (NoMethodError)

Steps to reproduce

(How one can reproduce the issue - this is very important)

  • echo 'false' > /srv/$DOMAIN/config/ssl-provider
  • Create a certificate set and filled it with certificates (/srv/$DOMAIN/config/ssl/sets/$SET_NAME/ssl.*)
  • Run sudo sympl-ssl $DOMAIN --verbose --select $SET_NAME and it dies with an undefined method error

I've reproduced this on a fresh install of debian and sympl, on a non-internet facing box (behind a home firewall, so LetsEncrypt can't verify certificates). https://christopherwilkinson.co.uk/2024/setting-up-sympl-with-letsencrypt-dns-ssl-certificates-with-dehydrated/

Example Project

(If possible, please create an example project here on GitLab.com that exhibits the problematic behaviour, and link to it here in the bug report)

(If you are using an older version of GitLab, this will also determine whether the bug has been fixed in a more recent version)

What is the current bug behavior?

(What actually happens)

  • Run sudo sympl-ssl $DOMAIN --verbose --select $SET_NAME and it dies with an undefined method error

What is the expected correct behavior?

(What you should see instead)

  • Running sudo sympl-ssl $DOMAIN --verbose --select $SET_NAME should select the third party certificate set

Relevant logs and/or screenshots

(Paste any relevant logs - please use code blocks (```) to format console output, logs, and code as it's very hard to read otherwise.)

sympl@[hostname]:$ sudo sympl-ssl [subdomain.example.com] --verbose --select dehydrated
Certificate sets for [subdomain.example.com]:
	SSL set dehydrated: signed by /C=US/O=Let's Encrypt/CN=R3, expires 2024-08-02 19:10:52 UTC
/usr/lib/ruby/vendor_ruby/symbiosis/ssl/certificate_set.rb:82:in `<=>': undefined method `name' for nil:NilClass (NoMethodError)

        self.name <=> other.name
                           ^^^^^
	from /usr/sbin/sympl-ssl.rb:225:in `=='
	from /usr/sbin/sympl-ssl.rb:225:in `block in <main>'
	from /usr/sbin/sympl-ssl.rb:196:in `each'
	from /usr/sbin/sympl-ssl.rb:196:in `<main>'

Possible fixes

The error message points to core/lib/symbiosis/ssl/certificate_set.rb Line 82

While I’m no Ruby developer, it looks to me like it could be a alphabetical sorting algorithm not handling a single item list properly. Thus, if other is nil, it is not possible to fetch it's .name for the sort comparison.

In other languages, I'd write the line of code as self.name <=> other?.name rather than self.name <=> other.name, but I'm not sure if that's valid Ruby code. Alternatively, a guard statement which first checks if other is nil, and returns early.

(If you can, link to the line of code that might be responsible for the problem)

/cc @kelduum