aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org>2019-10-19 11:37:50 +0300
committerSergey Poznyakoff <gray@gnu.org>2019-10-19 11:37:50 +0300
commit01234f6baeeddb3d093d871cf58bd468dff55531 (patch)
tree3323fb22a6615bef7beb3da5e73ec4bbda155196 /lib
parentf44aeac44eecf6dd6075e20080c0bb0b7822f30f (diff)
downloadacmeman-01234f6baeeddb3d093d871cf58bd468dff55531.tar.gz
acmeman-01234f6baeeddb3d093d871cf58bd468dff55531.tar.bz2
Process all order authorizations, not only the first
Diffstat (limited to 'lib')
-rw-r--r--lib/App/Acmeman.pm39
1 files changed, 20 insertions, 19 deletions
diff --git a/lib/App/Acmeman.pm b/lib/App/Acmeman.pm
index 285342c..a9efc6a 100644
--- a/lib/App/Acmeman.pm
+++ b/lib/App/Acmeman.pm
@@ -515,29 +515,30 @@ sub register_domain_certificate {
);
debug(3, "$domain: created order");
- my $authz = $acme->get_authorization(($order->authorizations())[0]);
+ foreach my $authz (map { $acme->get_authorization($_) } $order->authorizations()) {
- my ($challenge) = grep { $_->type() eq 'http-01' } $authz->challenges();
- if (!$challenge) {
- error("$domain: no challenge of acceptable type received");
- return 0;
- }
+ my ($challenge) = grep { $_->type() eq 'http-01' } $authz->challenges();
+ if (!$challenge) {
+ error("$domain: no challenge of acceptable type received");
+ return 0;
+ }
- debug(3, "$domain: serving challenge");
- $self->save_challenge($challenge);
- $acme->accept_challenge($challenge);
+ debug(3, "$domain: serving challenge");
+ $self->save_challenge($challenge);
+ $acme->accept_challenge($challenge);
- # FIXME
- my $ret;
- while (($ret = $acme->poll_authorization($authz)) eq 'pending') {
- sleep 1
- }
- if ($ret ne 'valid') {
- error("$domain: can't renew certificate: authorization: $ret");
- return 0;
+ my $ret;
+ while (($ret = $acme->poll_authorization($authz)) eq 'pending') {
+ sleep 1
+ }
+ if ($ret ne 'valid') {
+ error("$domain: can't renew certificate: authorization: $ret");
+ return 0;
+ }
}
-
+
my $csr = $self->make_csr($domain, $key_size);
+
my $status = $acme->finalize_order($order, $csr->get_pem_req());
while ($status eq 'pending') {
sleep 1;
@@ -545,7 +546,7 @@ sub register_domain_certificate {
}
unless ($status eq 'valid') {
- error("$domain: can't renew certificate: finalize: $ret");
+ error("$domain: can't renew certificate: finalize: $status");
return 0;
}
my $chain = $acme->get_certificate_chain($order);

Return to:

Send suggestions and report system problems to the System administrator.