Merge pull request #6907 from matrix-org/babolivier/acme-config

* commit 'd484126bf':
  Make the log more noticeable
  Print the error as an error log and raise the same exception we got
  Linters are hard but in they end they just want what's best for us
  Lint
  Changelog
  Lint
  Add a separator for the config warning
  Add a comprehensive error when failing to register for an ACME account
  Add mention and warning about ACME v1 deprecation to the Synapse config

1 files changed, 15 insertions, 1 deletions

diff --git a/synapse/handlers/acme.py b/synapse/handlers/acme.py
index 46ac73106d..250faa997b 100644
--- a/synapse/handlers/acme.py
+++ b/synapse/handlers/acme.py
@@ -25,6 +25,15 @@ from synapse.app import check_bind_error
 
 logger = logging.getLogger(__name__)
 
+ACME_REGISTER_FAIL_ERROR = """
+--------------------------------------------------------------------------------
+Failed to register with the ACME provider. This is likely happening because the install
+is new, and ACME v1 has been deprecated by Let's Encrypt and is disabled for installs set
+up after November 2019.
+At the moment, Synapse doesn't support ACME v2. For more info and alternative solution,
+check out https://github.com/matrix-org/synapse/blob/master/docs/ACME.md#deprecation-of-acme-v1
+--------------------------------------------------------------------------------"""
+
 
 class AcmeHandler(object):
     def __init__(self, hs):
@@ -71,7 +80,12 @@ class AcmeHandler(object):
         # want it to control where we save the certificates, we have to reach in
         # and trigger the registration machinery ourselves.
         self._issuer._registered = False
-        yield self._issuer._ensure_registered()
+
+        try:
+            yield self._issuer._ensure_registered()
+        except Exception:
+            logger.error(ACME_REGISTER_FAIL_ERROR)
+            raise
 
     @defer.inlineCallbacks
     def provision_certificate(self):