From 01234f6baeeddb3d093d871cf58bd468dff55531 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Sat, 19 Oct 2019 11:37:50 +0300
Subject: Process all order authorizations, not only the first

---
 lib/App/Acmeman.pm | 39 ++++++++++++++++++++-------------------
 1 file changed, 20 insertions(+), 19 deletions(-)

diff --git a/lib/App/Acmeman.pm b/lib/App/Acmeman.pm
index 285342c..a9efc6a 100644
--- a/lib/App/Acmeman.pm
+++ b/lib/App/Acmeman.pm
@@ -515,29 +515,30 @@ sub register_domain_certificate {
     );
     debug(3, "$domain: created order");
 
-    my $authz = $acme->get_authorization(($order->authorizations())[0]);
+    foreach my $authz (map { $acme->get_authorization($_) } $order->authorizations()) {
     
-    my ($challenge) = grep { $_->type() eq 'http-01' } $authz->challenges();
-    if (!$challenge) {
-	error("$domain: no challenge of acceptable type received");
-	return 0;
-    }
+	my ($challenge) = grep { $_->type() eq 'http-01' } $authz->challenges();
+	if (!$challenge) {
+	    error("$domain: no challenge of acceptable type received");
+	    return 0;
+	}
 
-    debug(3, "$domain: serving challenge");
-    $self->save_challenge($challenge);
-    $acme->accept_challenge($challenge);
+	debug(3, "$domain: serving challenge");
+	$self->save_challenge($challenge);
+	$acme->accept_challenge($challenge);
 
-    # FIXME
-    my $ret;
-    while (($ret = $acme->poll_authorization($authz)) eq 'pending') {
-	sleep 1
-    }
-    if ($ret ne 'valid') {
-	error("$domain: can't renew certificate: authorization: $ret");
-	return 0;
+	my $ret;
+	while (($ret = $acme->poll_authorization($authz)) eq 'pending') {
+	    sleep 1
+	}
+	if ($ret ne 'valid') {
+	    error("$domain: can't renew certificate: authorization: $ret");
+	    return 0;
+	}
     }
-
+    
     my $csr = $self->make_csr($domain, $key_size);
+
     my $status = $acme->finalize_order($order, $csr->get_pem_req());
     while ($status eq 'pending') {
 	sleep 1;
@@ -545,7 +546,7 @@ sub register_domain_certificate {
     }
 
     unless ($status eq 'valid') {
-	error("$domain: can't renew certificate: finalize: $ret");
+	error("$domain: can't renew certificate: finalize: $status");
 	return 0;
     }
     my $chain = $acme->get_certificate_chain($order);
-- 
cgit v1.2.1