diff options
author | Sergey Poznyakoff <gray@gnu.org> | 2019-10-19 11:37:50 +0300 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org> | 2019-10-19 11:37:50 +0300 |
commit | 01234f6baeeddb3d093d871cf58bd468dff55531 (patch) | |
tree | 3323fb22a6615bef7beb3da5e73ec4bbda155196 | |
parent | f44aeac44eecf6dd6075e20080c0bb0b7822f30f (diff) | |
download | acmeman-01234f6baeeddb3d093d871cf58bd468dff55531.tar.gz acmeman-01234f6baeeddb3d093d871cf58bd468dff55531.tar.bz2 |
Process all order authorizations, not only the first
-rw-r--r-- | lib/App/Acmeman.pm | 39 |
1 files changed, 20 insertions, 19 deletions
diff --git a/lib/App/Acmeman.pm b/lib/App/Acmeman.pm index 285342c..a9efc6a 100644 --- a/lib/App/Acmeman.pm +++ b/lib/App/Acmeman.pm @@ -515,29 +515,30 @@ sub register_domain_certificate { ); debug(3, "$domain: created order"); - my $authz = $acme->get_authorization(($order->authorizations())[0]); + foreach my $authz (map { $acme->get_authorization($_) } $order->authorizations()) { - my ($challenge) = grep { $_->type() eq 'http-01' } $authz->challenges(); - if (!$challenge) { - error("$domain: no challenge of acceptable type received"); - return 0; - } + my ($challenge) = grep { $_->type() eq 'http-01' } $authz->challenges(); + if (!$challenge) { + error("$domain: no challenge of acceptable type received"); + return 0; + } - debug(3, "$domain: serving challenge"); - $self->save_challenge($challenge); - $acme->accept_challenge($challenge); + debug(3, "$domain: serving challenge"); + $self->save_challenge($challenge); + $acme->accept_challenge($challenge); - # FIXME - my $ret; - while (($ret = $acme->poll_authorization($authz)) eq 'pending') { - sleep 1 - } - if ($ret ne 'valid') { - error("$domain: can't renew certificate: authorization: $ret"); - return 0; + my $ret; + while (($ret = $acme->poll_authorization($authz)) eq 'pending') { + sleep 1 + } + if ($ret ne 'valid') { + error("$domain: can't renew certificate: authorization: $ret"); + return 0; + } } - + my $csr = $self->make_csr($domain, $key_size); + my $status = $acme->finalize_order($order, $csr->get_pem_req()); while ($status eq 'pending') { sleep 1; @@ -545,7 +546,7 @@ sub register_domain_certificate { } unless ($status eq 'valid') { - error("$domain: can't renew certificate: finalize: $ret"); + error("$domain: can't renew certificate: finalize: $status"); return 0; } my $chain = $acme->get_certificate_chain($order); |