maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Fixed class.lescript_v2.php to work with ACMEv2

Browse Source 
When requesting a certificate for multiple Domains/SANs, the request must be done in a single order.
This commit is contained in:
Markus Petermann
2018-09-18 00:53:51 +02:00
parent 164f1a921e
commit 5f29b2cc4a
1 changed files with 40 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
lib/classes/ssl/class.lescript_v2.php
View File

@@ -150,20 +150,18 @@ class lescript_v2
// start domains authentication // start domains authentication
// ---------------------------- // ----------------------------
// Prepare order
$domains_in_order = array();
foreach ($domains as $domain) { foreach ($domains as $domain) {
$domains_in_order []= array(
// 1. getting available authentication options
// -------------------------------------------
$this->log("Requesting challenge for $domain");
$response = $this->signedRequest($this->_req_uris['newOrder'], array(
"identifiers" => array(
array(
"type" => "dns", "type" => "dns",
"value" => $domain "value" => $domain
) );
) }
// Send new-order request
$response = $this->signedRequest($this->_req_uris['newOrder'], array(
"identifiers" => $domains_in_order
), false); ), false);
if ($this->client->getLastCode() == 403) { if ($this->client->getLastCode() == 403) {
@@ -183,8 +181,22 @@ class lescript_v2
throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response)); throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response));
} }
$authorizations = $response['authorizations'];
$finalizeLink = $response['finalize'];
$i = 0;
foreach ($authorizations as $authorization) {
// 1. getting available authentication options
// -------------------------------------------
$domain = $response['identifiers'][$i++]['value'];
$this->log("Requesting challenge for $domain");
// get authorization // get authorization
$auth_response = $this->client->get($response['authorizations'][0]); $auth_response = $this->client->get($authorization);
if (! array_key_exists('challenges', $auth_response)) { if (! array_key_exists('challenges', $auth_response)) {
throw new RuntimeException("No challenges received for $domain. Whole response: " . json_encode($auth_response)); throw new RuntimeException("No challenges received for $domain. Whole response: " . json_encode($auth_response));
@@ -201,7 +213,6 @@ class lescript_v2
$this->log("Got challenge token for $domain"); $this->log("Got challenge token for $domain");
$location = $challenge['url']; $location = $challenge['url'];
$finalizeLink = $response['finalize'];
// 2. saving authentication token for web verification // 2. saving authentication token for web verification
// --------------------------------------------------- // ---------------------------------------------------