Graceful cancellation of pending cert and order details in log for acme failure

This commit is contained in:
Curtis Castrapel 2018-06-14 08:02:34 -07:00
parent 4551cc11df
commit e912b8e075
1 changed files with 9 additions and 1 deletions

View File

@ -104,7 +104,11 @@ def request_certificate(acme_client, authorizations, csr, order):
authorization_resource, _ = acme_client.poll(authz)
deadline = datetime.datetime.now() + datetime.timedelta(seconds=90)
orderr = acme_client.finalize_order(order, deadline)
try:
orderr = acme_client.finalize_order(order, deadline)
except AcmeError:
current_app.logger.error("Unable to resolve Acme order: {}".format(order), exc_info=True)
raise
pem_certificate = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM,
OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
orderr.fullchain_pem)).decode()
@ -382,3 +386,7 @@ class ACMEIssuerPlugin(IssuerPlugin):
if option.get('name') == 'certificate':
acme_root = option.get('value')
return acme_root, "", [role]
def cancel_ordered_certificate(self, pending_cert, **kwargs):
# Needed to override issuer function.
pass