From 2ee1ab05b33370e3d8dcd2fc79b2974d61cd7fe1 Mon Sep 17 00:00:00 2001
From: Seth Schoen
Date: Fri, 8 May 2015 15:00:35 -0700
Subject: [PATCH] Work in progress toward renewer enrollment
---
 letsencrypt/client/client.py | 5 +++--
 letsencrypt/client/renewer.py | 17 ++++++++++++-----
 2 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/letsencrypt/client/client.py b/letsencrypt/client/client.py
index f9701539d..1a2f198b3 100644
--- a/letsencrypt/client/client.py
+++ b/letsencrypt/client/client.py
@@ -147,7 +147,7 @@ class Client(object):
 cert_pem = certr.body.as_pem()
 chain_pem = None
 if certr.cert_chain_uri:
- chain_pem = self.network.fetch_chain(certr.cert_chain_uri)
+ chain_pem = self.network.fetch_chain(certr)
 if chain_pem is None:
 # XXX: just to stop RenewableCert from complaining; this is
@@ -158,7 +158,8 @@ class Client(object):
 def obtain_and_enroll_certificate(self, domains, csr=None):
 cert_pem, privkey, chain_pem = self._obtain_certificate(domains, csr)
 return renewer.RenewableCert.new_lineage(domains[0], cert_pem,
- privkey, chain_pem)
+ privkey, chain_pem, None,
+ vars(self.config.namespace))
 # XXX: self.account.key.file is totally wrong here, that's
 # the account key and not the cert key!
diff --git a/letsencrypt/client/renewer.py b/letsencrypt/client/renewer.py
index 5b3973a9b..2ecd603b9 100644
--- a/letsencrypt/client/renewer.py
+++ b/letsencrypt/client/renewer.py
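Review bot: In `obtain_and_enroll_certificate` (second client.py hunk), `vars(self.config.namespace)` passes the entire parsed-options namespace as `renewalparams`, and the last renewer.py hunk writes it unfiltered into the renewal config with `new_config["renewalparams"] = renewalparams`. The `new_lineage` docstring says these values are reused during automated renewal, so every option of this run becomes persistent input to later unattended runs, and anyone able to edit that file influences them; an explicit allowlist of the keys renewal needs would keep that surface small. `vars()` also returns the namespace's own `__dict__`, not a copy, so I would pass a filtered copy such as `dict((k, v) for k, v in vars(self.config.namespace).items() if k in RENEWAL_KEYS)`, where `RENEWAL_KEYS` is a placeholder for a list the project would define. Passing `None` positionally for `configurator` is easy to misread; `configurator=None, renewalparams=...` is clearer. How the renewal config file's permissions are set is not visible in these hunks and is worth checking.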
@@ -323,14 +323,19 @@ class RenewableCert(object): # pylint: disable=too-many-instance-attributes return False @classmethod - def new_lineage(cls, lineagename, cert, privkey, chain, config=DEFAULTS): + def new_lineage(cls, lineagename, cert, privkey, chain, configurator=None, + renewalparams=None, config=DEFAULTS): # pylint: disable=too-many-locals """Create a new certificate lineage with the (suggested) lineage name lineagename, and the associated cert, privkey, and chain (the - associated fullchain will be created automatically). Returns a new - RenewableCert object referring to the created lineage. (The actual - lineage name, as well as all the relevant file paths, will be - available within this object.)""" + associated fullchain will be created automatically). Optional + configurator and renewalparams record the configuration that was + originally used to obtain this cert, so that it can be reused later + during automated renewal. + + Returns a new RenewableCert object referring to the created + lineage. (The actual lineage name, as well as all the relevant + file paths, will be available within this object.)""" configs_dir = config["renewal_configs_dir"] archive_dir = config["official_archive_dir"] live_dir = config["live_dir"] @@ -380,6 +385,8 @@ class RenewableCert(object): # pylint: disable=too-many-instance-attributes new_config["privkey"] = privkey_target new_config["chain"] = chain_target new_config["fullchain"] = fullchain_target + if configurator: new_config["configurator"] = configurator + if renewalparams: new_config["renewalparams"] = renewalparams # TODO: add human-readable comments explaining other available # parameters new_config.write()
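Review bot: The new `configurator` and `renewalparams` parameters of `new_lineage` are inserted ahead of `config=DEFAULTS`, so a caller that passed `config` positionally as the fifth argument would now bind it to `configurator` and have it written into the renewal file by the later `if configurator:` line; no such caller is visible in this diff, so this is a caution rather than a confirmed break. Appending the new parameters keeps the old positional contract: `def new_lineage(cls, lineagename, cert, privkey, chain, config=DEFAULTS, configurator=None, renewalparams=None):`, with the client.py call switched to keyword arguments. The docstring could also state the expected types of both values (presumably a name string and a dict of options), since they are stored as given. The body of `new_lineage` continues outside this hunk.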