Commit 3f501d8a authored by Adrien Dorsaz's avatar Adrien Dorsaz

v2: update example.ini with new configuration (v2 default URL and contact info)

parent b0c0a169
......@@ -115,11 +115,7 @@ def get_crt(config, log=LOGGER):
log.info("Registering ACME Account.")
account_request = {}
account_request["termsOfServiceAgreed"] = True
account_request["contact"] = []
if config["acmednstiny"].get("MailContact") is not None:
account_request["contact"].append("mailto:{0}".format(config["acmednstiny"].get("MailContact")))
if config["acmednstiny"].get("PhoneContact") is not None:
account_request["contact"].append("tel:{0}".format(config["acmednstiny"].get("PhoneContact")))
account_request["contact"] = config["acmednstiny"].get("Contacts").split(';')
if len(account_request["contact"]) == 0:
del account_request["contact"]
......@@ -149,8 +145,7 @@ def get_crt(config, log=LOGGER):
# new order
log.info("Certification issuance: ask for a new Order")
new_order = { "identifiers": [{"type": "dns", "value": domain} for domain in domains],
"notAfter": "2018-01-25T:04:00:00Z"}
new_order = { "identifiers": [{"type": "dns", "value": domain} for domain in domains]}
code, result, headers = _send_signed_request(acme_config["newOrder"], new_order)
order = json.loads(result.decode("utf8"))
if code == 201:
......
......@@ -3,14 +3,18 @@
AccountKeyFile = account.key
# Required readable CSR file
CSRFile = domain.csr
# Optional ACME directory url (default: https://acme-staging.api.letsencrypt.org/directory)
ACMEDirectory = https://acme-staging.api.letsencrypt.org/directory
# Optional ACME directory url (default: https://acme-staging-v2.api.letsencrypt.org/directory)
ACMEDirectory = https://acme-staging-v2.api.letsencrypt.org/directory
# Optional time in seconds to wait between DNS update and challenge check (default: 3)
CheckChallengeDelay = 3
# Optional Contact info to send to the ACME provider
MailContact = mail@example.com
# Note that Let's Encrypt servers disallow use of phone numbers
PhoneContact = +11111111111
# Optional To be able to be reached by ACME provider (e.g. to warn about
# certificate expicration), you can provide some contact informations.
# Contacts setting is a list of contact URI separated by semicolon (;).
# If ACME provider support contact informations, it must at least support mailto
# URI and can support more of contact.
# For the mailto URI, the email address part must contains only one address
# without header fields (see [RFC6068]).
Contacts = mailto:mail@example.com;mailto:mail2@example.org
[TSIGKeyring]
# Required TSIG key name
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment