From 12bbcc255a77d76be13d8b8f142e9d329e91d520 Mon Sep 17 00:00:00 2001
From: Brendan Abolivier <babolivier@matrix.org>
Date: Thu, 13 Feb 2020 14:58:34 +0000
Subject: [PATCH] Add a comprehensive error when failing to register for an
 ACME account

---
 synapse/handlers/acme.py | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/synapse/handlers/acme.py b/synapse/handlers/acme.py
index 46ac73106d..cfb5a4f39b 100644
--- a/synapse/handlers/acme.py
+++ b/synapse/handlers/acme.py
@@ -22,6 +22,7 @@ from twisted.web import server, static
 from twisted.web.resource import Resource
 
 from synapse.app import check_bind_error
+from synapse.config import ConfigError
 
 logger = logging.getLogger(__name__)
 
@@ -71,7 +72,18 @@ class AcmeHandler(object):
         # want it to control where we save the certificates, we have to reach in
         # and trigger the registration machinery ourselves.
         self._issuer._registered = False
-        yield self._issuer._ensure_registered()
+
+        try:
+            yield self._issuer._ensure_registered()
+        except Exception:
+            raise ConfigError("Failed to register with the ACME provider. This is likely"
+                              " happening because the install is new, and ACME v1 has"
+                              " been deprecated by Let's Encrypt and is disabled for"
+                              " installs set up after November 2019. At the moment,"
+                              " Synapse doesn't support ACME v2. For more info and"
+                              " alternative solution, check out"
+                              " https://github.com/matrix-org/synapse/blob/master/docs/"
+                              "ACME.md#deprecation-of-acme-v1")
 
     @defer.inlineCallbacks
     def provision_certificate(self):
-- 
GitLab