Graceful cancellation of pending cert and order details in log for acme failure
This commit is contained in:
parent
b1ce4d630d
commit
4e72cb96c9
|
@ -104,7 +104,11 @@ def request_certificate(acme_client, authorizations, csr, order):
|
||||||
authorization_resource, _ = acme_client.poll(authz)
|
authorization_resource, _ = acme_client.poll(authz)
|
||||||
|
|
||||||
deadline = datetime.datetime.now() + datetime.timedelta(seconds=90)
|
deadline = datetime.datetime.now() + datetime.timedelta(seconds=90)
|
||||||
orderr = acme_client.finalize_order(order, deadline)
|
try:
|
||||||
|
orderr = acme_client.finalize_order(order, deadline)
|
||||||
|
except AcmeError:
|
||||||
|
current_app.logger.error("Unable to resolve Acme order: {}".format(order), exc_info=True)
|
||||||
|
raise
|
||||||
pem_certificate = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM,
|
pem_certificate = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM,
|
||||||
OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
|
OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
|
||||||
orderr.fullchain_pem)).decode()
|
orderr.fullchain_pem)).decode()
|
||||||
|
@ -382,3 +386,7 @@ class ACMEIssuerPlugin(IssuerPlugin):
|
||||||
if option.get('name') == 'certificate':
|
if option.get('name') == 'certificate':
|
||||||
acme_root = option.get('value')
|
acme_root = option.get('value')
|
||||||
return acme_root, "", [role]
|
return acme_root, "", [role]
|
||||||
|
|
||||||
|
def cancel_ordered_certificate(self, pending_cert, **kwargs):
|
||||||
|
# Needed to override issuer function.
|
||||||
|
pass
|
||||||
|
|
Loading…
Reference in New Issue