Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Open sidebar
Adrien Dorsaz
acme-dns-tiny
Commits
a86c633e
Commit
a86c633e
authored
Jun 14, 2020
by
Adrien Dorsaz
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'acme-rfc-8555' into 'master'
Follow the ACME RFC 8555 See merge request
!23
parents
474f4b63
d9763075
Pipeline
#276
failed with stages
in 16 minutes and 51 seconds
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
2 additions
and
4 deletions
+2
-4
acme_dns_tiny.py
acme_dns_tiny.py
+2
-4
No files found.
acme_dns_tiny.py
View file @
a86c633e
...
...
@@ -213,8 +213,7 @@ def get_crt(config, log=LOGGER):
log
.
info
(
"Install DNS TXT resource for domain: %s"
,
domain
)
challenge
=
[
c
for
c
in
authorization
[
"challenges"
]
if
c
[
"type"
]
==
"dns-01"
][
0
]
token
=
re
.
sub
(
r
"[^A-Za-z0-9_\-]"
,
"_"
,
challenge
[
"token"
])
keyauthorization
=
"{0}.{1}"
.
format
(
token
,
jwk_thumbprint
)
keyauthorization
=
challenge
[
"token"
]
+
"."
+
jwk_thumbprint
keydigest64
=
_base64
(
hashlib
.
sha256
(
keyauthorization
.
encode
(
"utf8"
)).
digest
())
dnsrr_domain
=
"_acme-challenge.{0}."
.
format
(
domain
)
try
:
# a CNAME resource can be used for advanced TSIG configuration
...
...
@@ -261,8 +260,7 @@ def get_crt(config, log=LOGGER):
time
.
sleep
(
config
[
"DNS"
].
getint
(
"TTL"
))
log
.
info
(
"Asking ACME server to validate challenge."
)
http_response
,
result
=
_send_signed_request
(
challenge
[
"url"
],
{
"keyAuthorization"
:
keyauthorization
})
http_response
,
result
=
_send_signed_request
(
challenge
[
"url"
],
{})
if
http_response
.
status_code
!=
200
:
raise
ValueError
(
"Error triggering challenge: {0} {1}"
.
format
(
http_response
.
status_code
,
result
))
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment