Use PHP library, instead of Python #2

Closed
Wouter0100 opened this issue Dec 4, 2015 · 35 comments
@Wouter0100
Collaborator

This plugin is fully written in PHP, as I see. Isn't it better to use a PHP library, like this one? This way you should be able to better implement it in the plugin.

I'd love to help, so I'll contribute some code in the next few days when I have time. Maybe, if you guys agree, with this PHP library (or any other).

@Wouter0100
Collaborator Author

I saw your message, but I think you removed it? This library was just an example, which was linked in a wiki of Let's Encrypt. If you'd like, we could chat outside GitHub, so I would be able to contribute even better? This plugin could become so awesome. 😄

As your name suggests, it seems like you're from The Netherlands? 👍

@Wouter0100
Collaborator Author

And with Python, I mean this line, which executes a command in their Python client. Oh, and the last 3 lines of that file.

@zenire
Owner

zenire commented Dec 4, 2015

That's right, made a mistake in my comment ;). I already messaged you on the DirectAdmin forums.

I am from the Netherlands, indeed!

@Wouter0100
Collaborator Author

Yeah, I saw. Awesome.

Some other libraries we could use, instead of the one given above:
https://github.com/kelunik/acme (downside, it requires PHP 7, but it's a fairly easy library)
https://github.com/octopuce/acmephpc

@zenire
Owner

zenire commented Dec 5, 2015

I agree with you to use a library. Which one shall we choose?

I do not think we should start with https://github.com/kelunik/acme because of PHP 7 requirement. A lot of servers are not ready for PHP 7 or hosters need time to announce the PHP 7 upgrade.

@Wouter0100
Collaborator Author

The only option should be that one of octopuce, which is compatible with PHP 5.3.9 and up (according to his composer.json). Also, the examples seem really straightforward.

@Wouter0100
Collaborator Author

When you agree, I'll start implementing it in the current available action tomorrow, and start working on some new ones 👍

@zenire
Owner

zenire commented Dec 5, 2015

That's fine, I agree! Thank you for your help with this project.

@Wouter0100 Wouter0100 self-assigned this Dec 7, 2015
@Wouter0100
Collaborator Author

Hmm, I've been trying to implement the library so we're able to use it, but I don't think that's gonna work. The client seems far from finished yet and contains a lot, and I mean a lot, of bugs. I didn't get it to work..

Tomorrow I will write a small library which can handle the requests (and creation of CSR and so on) we need to make to Let's Encrypt.

@zenire zenire added this to the First release milestone Dec 8, 2015
@zenire
Owner

zenire commented Dec 8, 2015

That's fine. It is better to write our own library/another one instead of using a buggy one. Thank you for your time.

@AramVK

AramVK commented Dec 9, 2015

Progress is made very fast guys, looking good. The backport to 5.5 seems logical as that's the oldest supported version. They drop support very fast these days I must say.

I saw at the commit from just now 78801af that the API is being used to store the certificate, are API keys or login configuration needed for that?

I suppose it's a solid method instead of putting the certificates in the files themselves; as you might not want to mess around with DA generated files. On the other hand if you need extra configuration that's a downside as well.

@Wouter0100
Collaborator Author

I've backported that library because it was the best one available yet, with all features we need available.

See these lines of code for that, this class is created by DirectAdmin itself. Works great without custom configuration 👍.

Hmm, after some looking at the code I don't think this will work when you're signed in as the user itself, I was signed in through admin. Let me check and fix 😄

@Wouter0100
Collaborator Author

Hmm, not sure why that works, but it does. When I directly login to a user (so no admin user is available/set or anything) the request with username "admin" works properly. I think DirectAdmin completely ignores that.. When I pass the username of the logged in user to the request, it won't work. Whut DirectAdmin.

@sjerdo
Contributor

sjerdo commented Dec 9, 2015

@Wouter0100 The highlighted code you linked to just checks if any username is set without a password. If so, it uses the current DA session to authenticate. This method will work fine if the user has access to /CMD_API_SSL

@Wouter0100
Collaborator Author

@sjerdo Ah, okay. That will be enough for that action. We need to display an error when the user doesn't have access to SSL certificates when he opens the index.html, and maybe hide the link in DirectAdmin's index, maybe?

@AramVK

AramVK commented Dec 9, 2015

That's nice. I've installed the plugin and after submitting the form under a user it gives me a blank page. Is there some error log I can check? Or is that simply not working yet. I'd like to help test it.

@Wouter0100
Collaborator Author

Hmm, requesting SSL certificates should work to the staging server of Let's Encrypt. I've added some error catchers to the code in a207a36. Could you try again? It shouldn't be white.. (white normally means a PHP exception or something)

Also added a logs directory where PHP should log errors.

@AramVK

AramVK commented Dec 9, 2015

Yes I think it's a PHP error, but I'm not sure if they are logged; I've looked in /var/log/directadmin but didn't find anything.

I've updated and tried again but the blank page still shows up.

@Wouter0100
Collaborator Author

It isn't logged there, can you take a look in /usr/local/directadmin/plugins/da-letsencrypt/logs?

@AramVK

AramVK commented Dec 9, 2015

I just reinstalled it to be sure, a few things for installation:

  • PLUGINPATH needs to be da-letsencrypt if you install it with git clone, since it's with a dash - not underscore.
  • chmod / chown is not really going well for all directories, also if you want to install it in DA interface, I think the composer output makes it think it failed

But, we do have an error now in the log dir

[09-Dec-2015 16:40:17 Europe/Amsterdam] PHP Parse error: syntax error, unexpected 'function' (T_FUNCTION), expecting identifier (T_STRING) or \ (T_NS_SEPARATOR) in /usr/local/directadmin/plugins/da-letsencrypt/vendor/wouter0100/acme/lib/AcmeService.php on line 8

@Wouter0100
Collaborator Author

Which PHP version do you run? It has to do with the use function, which isn't recognized.

@AramVK

AramVK commented Dec 9, 2015

/usr/local/bin/php -v
PHP 5.5.30 (cli) (built: Oct 17 2015 22:16:42)
Copyright (c) 1997-2015 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2015 Zend Technologies
with the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com (unconfigured) v5.0.17, Copyright (c) 2002-2015, by ionCube Ltd.
with Zend Guard Loader v3.3, Copyright (c) 1998-2014, by Zend Technologies

I think that might be a 5.6 feature.

@Wouter0100
Collaborator Author

Yeah, I guess so. I'll fix that.

@Wouter0100
Collaborator Author

@AramVK could you please try now? It should be fixed.

@AramVK

AramVK commented Dec 9, 2015

Now it works. But the next error shows up:

Couldn't use private key

I think it's because it gets private.txt public.txt but the files are .key if I understand correctly.

Also the .key files show up in /home/user/.letsencrypt/ instead of /home/user/domains/domain.tld/.letsencrypt/

@Wouter0100
Collaborator Author

That's correct, every user does also have keys. Let's Encrypt requires you to "register" your public key with an e-mail address. Under this user you're able to create "certificates". Let me take a look what's going on.

@Wouter0100
Collaborator Author

Ah, I didn't create the script yet to create a public/private key for domains, only for users. I've implemented this in c0973d4.

@AramVK

AramVK commented Dec 9, 2015

Alright now it works, however it's a certificate from 'happy hacker fake CA'. You need to specify a server I read about that.

@Wouter0100
Collaborator Author

Correct, it's currently on the staging server. You should be able to update the server in user/actions/request.html on line 48 and 66 to https://acme-v01.api.letsencrypt.org/directory. I'll add a configurable option for this soon.
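
The staging/production mix-up discussed in the comment above can be caught before a certificate is stored. This is an added example, not part of the thread or of the plugin's code: the function names are hypothetical, the production URL and the test CA name are the ones quoted in the thread, the sample certificates are constructed (self-signed) at run time, and the code sticks to PHP 5.5 syntax.

```php
<?php
// Added example, not code from da-letsencrypt. PHP 5.5 compatible (no 5.6 syntax).
// The production URL and the test CA name are the values quoted in the thread.
const ACME_PRODUCTION = 'https://acme-v01.api.letsencrypt.org/directory';

/** Issuer common name of a PEM certificate, or null when it cannot be parsed. */
function issuer_common_name($pem)
{
    $info = openssl_x509_parse($pem);
    if ($info === false || !isset($info['issuer']['CN'])) {
        return null;
    }
    $cn = $info['issuer']['CN'];
    return is_array($cn) ? implode(', ', $cn) : $cn;
}

/** Returns null when the certificate may go live, else the reason it may not. */
function install_blocker($pem, $directoryUrl)
{
    if ($directoryUrl !== ACME_PRODUCTION) {
        return 'ACME directory is not the production endpoint';
    }
    $cn = issuer_common_name($pem);
    if ($cn === null) {
        return 'certificate could not be parsed'; // fail closed
    }
    if (stripos($cn, 'happy hacker fake CA') !== false) {
        return "issued by test CA '$cn'";
    }
    return null;
}

/** Constructed sample input: a throwaway self-signed certificate with the given CN. */
function sample_certificate($commonName)
{
    $key = openssl_pkey_new(array('private_key_bits' => 2048));
    $csr = openssl_csr_new(array('commonName' => $commonName), $key);
    $x509 = openssl_csr_sign($csr, null, $key, 1); // null CA = self-signed, valid 1 day
    openssl_x509_export($x509, $pem);
    return $pem;
}

$staging = sample_certificate('happy hacker fake CA');   // constructed
$other   = sample_certificate('Constructed Example CA'); // constructed
var_dump(install_blocker($staging, ACME_PRODUCTION));
var_dump(install_blocker($other, ACME_PRODUCTION));
var_dump(install_blocker($other, 'https://acme.example.invalid/directory'));
```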

@AramVK

AramVK commented Dec 9, 2015

Yep that works fine! Had to delete the user keys I think as that's separated.

Also I think it should probably remove the .well-known dir.

Good that the basics are really working now.

@Wouter0100
Collaborator Author

I've created issues for the found problems. I think the final conclusion of this issue is: we're gonna use a PHP library, instead of a Python one 👍

@barryvdh
Contributor

There is also a .sh script, not sure if that's easier than Python?
https://github.com/lukas2511/letsencrypt.sh

@Wouter0100
Collaborator Author

It's not because Python is hard, but PHP just implements better with PHP, instead of Shell, Bash or Python. And I've already successfully implemented the PHP library.

@barryvdh
Contributor

Okay, sorry I thought it was because of Python and other dependencies. But if it's already fully working, that's great :)

@zenire
Owner

zenire commented Dec 10, 2015

I agree with @Wouter0100. It is a good suggestion and an easy solution to use the .sh script, but as Wouter says, it is better to use a standard and one language.

Thank you for your suggestion and don't say sorry! We love suggestions :). With an open mind and suggestions we can make the right choice.
