Graceful cancellation of pending cert and order details in log for acme failure

This commit is contained in:
Curtis Castrapel 2018-06-14 08:02:34 -07:00
parent b1ce4d630d
commit 4e72cb96c9
1 changed files with 9 additions and 1 deletions

View File

@ -104,7 +104,11 @@ def request_certificate(acme_client, authorizations, csr, order):
authorization_resource, _ = acme_client.poll(authz) authorization_resource, _ = acme_client.poll(authz)
deadline = datetime.datetime.now() + datetime.timedelta(seconds=90) deadline = datetime.datetime.now() + datetime.timedelta(seconds=90)
orderr = acme_client.finalize_order(order, deadline) try:
orderr = acme_client.finalize_order(order, deadline)
except AcmeError:
current_app.logger.error("Unable to resolve Acme order: {}".format(order), exc_info=True)
raise
pem_certificate = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, pem_certificate = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM,
OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
orderr.fullchain_pem)).decode() orderr.fullchain_pem)).decode()
@ -382,3 +386,7 @@ class ACMEIssuerPlugin(IssuerPlugin):
if option.get('name') == 'certificate': if option.get('name') == 'certificate':
acme_root = option.get('value') acme_root = option.get('value')
return acme_root, "", [role] return acme_root, "", [role]
def cancel_ordered_certificate(self, pending_cert, **kwargs):
# Needed to override issuer function.
pass