Commit 1ea01f58 authored by Adrien Dorsaz's avatar Adrien Dorsaz
Browse files

acme_dns_tiny: skip validated authorization, add more information about...

acme_dns_tiny: skip validated authorization, add more information about authorization status and raise error if no dns-challenge has been found
parent 1d7c9423
......@@ -233,8 +233,19 @@ def get_crt(config, log=LOGGER):
.format(http_response.status_code, authorization))
domain = authorization["identifier"]["value"]
if authorization["status"] == "valid":
log.info("Skip authorization for domain %s: this is alreday validated", domain)
continue
if authorization["status"] != "pending":
raise ValueError("Authorization for the domain {0} can't be validated: "
"the authorization is {1}.".format(domain, authorization["status"]))
challenges = [c for c in authorization["challenges"] if c["type"] == "dns-01"]
if not challenges:
raise ValueError("Unable to find a DNS challenge to resolve for domain {0}"
.format(domain))
log.info("Install DNS TXT resource for domain: %s", domain)
challenge = [c for c in authorization["challenges"] if c["type"] == "dns-01"][0]
challenge = challenges[0]
keyauthorization = challenge["token"] + "." + jwk_thumbprint
keydigest64 = _base64(hashlib.sha256(keyauthorization.encode("utf8")).digest())
dnsrr_domain = "_acme-challenge.{0}.".format(domain)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment