Work in progress toward renewer enrollment

2026-06-07 07:42:08 -04:00 · 2015-05-08 15:00:35 -07:00 · 2015-05-08 15:00:35 -07:00 · 2ee1ab05b3
commit 2ee1ab05b3
parent 953b57453e
2 changed files with 15 additions and 7 deletions
--- a/letsencrypt/client/client.py
+++ b/letsencrypt/client/client.py
@ -147,7 +147,7 @@ class Client(object):
        cert_pem = certr.body.as_pem()
        chain_pem = None
        if certr.cert_chain_uri:
-            chain_pem = self.network.fetch_chain(certr.cert_chain_uri)
+            chain_pem = self.network.fetch_chain(certr)

        if chain_pem is None:
            # XXX: just to stop RenewableCert from complaining; this is
@ -158,7 +158,8 @@ class Client(object):
    def obtain_and_enroll_certificate(self, domains, csr=None):
        cert_pem, privkey, chain_pem = self._obtain_certificate(domains, csr)
        return renewer.RenewableCert.new_lineage(domains[0], cert_pem,
-                                                 privkey, chain_pem)
+                                                 privkey, chain_pem, None,
+                                                 vars(self.config.namespace))
        # XXX: self.account.key.file is totally wrong here, that's
        #      the account key and not the cert key!

--- a/letsencrypt/client/renewer.py
+++ b/letsencrypt/client/renewer.py
@ -323,14 +323,19 @@ class RenewableCert(object):  # pylint: disable=too-many-instance-attributes
            return False

    @classmethod
-    def new_lineage(cls, lineagename, cert, privkey, chain, config=DEFAULTS):
+    def new_lineage(cls, lineagename, cert, privkey, chain, configurator=None,
+                    renewalparams=None, config=DEFAULTS):
        # pylint: disable=too-many-locals
        """Create a new certificate lineage with the (suggested) lineage name
        lineagename, and the associated cert, privkey, and chain (the
-        associated fullchain will be created automatically).  Returns a new
-        RenewableCert object referring to the created lineage.  (The actual
-        lineage name, as well as all the relevant file paths, will be
-        available within this object.)"""
+        associated fullchain will be created automatically).  Optional
+        configurator and renewalparams record the configuration that was
+        originally used to obtain this cert, so that it can be reused later
+        during automated renewal.
+
+        Returns a new RenewableCert object referring to the created
+        lineage. (The actual lineage name, as well as all the relevant
+        file paths, will be available within this object.)"""
        configs_dir = config["renewal_configs_dir"]
        archive_dir = config["official_archive_dir"]
        live_dir = config["live_dir"]
@ -380,6 +385,8 @@ class RenewableCert(object):  # pylint: disable=too-many-instance-attributes
        new_config["privkey"] = privkey_target
        new_config["chain"] = chain_target
        new_config["fullchain"] = fullchain_target
+        if configurator: new_config["configurator"] = configurator
+        if renewalparams: new_config["renewalparams"] = renewalparams
        # TODO: add human-readable comments explaining other available
        #       parameters
        new_config.write()