Skip to content
This repository has been archived by the owner. It is now read-only.

present more challenge metadata for non-http challenge types #13

Closed
wants to merge 2 commits into from

Conversation

@xdgc
Copy link

@xdgc xdgc commented Nov 23, 2016

When -t is used to perform a challenge using dns-01 or some other
hypothetical challenge type, only the token and thumbprint are
displayed. That's not enough information to set up challenge response
manually. This patch extends the chngproc IPC semantics and the
stdout from netproc to provide the challenge type and domain name
being challenged. That's enough for external challenge setup.

This particularly comes into interest when retrieving a single
certificate with multiple subjectAlternativeNames, especially when those
alt names are in different DNS domains and might require different
account authorizations to perform updates.

When -t is used to perform a challenge using dns-01 or some other
hypothetical challenge type, only the token and thumbprint are
displayed.  That's not enough information to set up challenge response
manually.  This patch extends the chngproc IPC semantics and the
stdout from netproc to provide the challenge type and domain name
being challenged.  That's enough for external challenge setup.

This particularly comes into interest when retrieving a single
certificate with multiple subjectAlternativeNames, especially when those
alt names are in different DNS domains and might require different
account authorizations to perform updates.
@kristapsdz
Copy link
Owner

@kristapsdz kristapsdz commented Nov 24, 2016

Good point. I figured the challenge part would be obvious because it's required in invoking the acme-client process, but it can't hurt. Can you update the manpage as well in your patch?

@xdgc
Copy link
Author

@xdgc xdgc commented Nov 25, 2016

Ah, yes - I will do that. It's a holiday here, will get to this in the next couple of days.

@xdgc
Copy link
Author

@xdgc xdgc commented Nov 25, 2016

I took the liberty of expanding the text on -t and of adding an example. Happy to make any changes you prefer.

@fraenki
Copy link

@fraenki fraenki commented Jan 17, 2017

Looks interesting. Is there an ETA for merging this PR?

kristapsdz pushed a commit to kristapsdz/acme-client that referenced this pull request Jan 28, 2017
…ortable#13 .

This creates a triplet exported to the operator: challenge type, domain, and print.
kristapsdz pushed a commit to kristapsdz/acme-client that referenced this pull request Jan 28, 2017
@kristapsdz
Copy link
Owner

@kristapsdz kristapsdz commented Jan 28, 2017

Done. I moved around the manpage bits quite a lot, however. But other than that, thanks!

@fraenki, if you have feature requests and aren't willing to contribute patches like @xdgc's excellent work, you can request ETAs by establishing a paid contract.

@kristapsdz kristapsdz closed this Jan 28, 2017
@fraenki
Copy link

@fraenki fraenki commented Jan 30, 2017

@kristapsdz, thanks for the clarification. Point taken.

kristapsdz pushed a commit to kristapsdz/acme-client that referenced this pull request Dec 1, 2018
…ortable#13 .

This creates a triplet exported to the operator: challenge type, domain, and print.
kristapsdz pushed a commit to kristapsdz/acme-client that referenced this pull request Dec 1, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
You can’t perform that action at this time.