The command line takes a comma separated list of domain names. To be able to use the list of existing domain names it would be helpful to get a list that is also comma separated.
Sample use case: If you would like to add a new domain to an existing certificate you need to list all existing domain names.
Makes certbot certificates use comma-separated domain names instead of space-separated.
* Hide exceptions that occur during session.close()
This fixes#4840. Exceptions that are raised out of __del__ methods are caught
and printed to stderr. By catching any exceptions that occur, we now prevent
this from happening.
Alternative solutions to this would have been either not calling
session.close() at all or adding a close() method to acme.client.ClientNetwork,
acme.client.Client, and certbot.client.Client and using certbot.client.Client
in a context manager to ensure close() is called. The former means that users
of the ACME library never properly close their connections until their program
exits and the latter adds a lot of complexity and nesting of client code for
little benefit.
* Only catch Exceptions
The cert filename is chosen based on the first domain listed. With certs with overlapping domains or where some domains are less canonical, it's therefore useful to put the most canonical/unique domain first. This updates the help text to inform users of this fact.
* Revert "Don't save keys/csr on dry run (#4380)"
This reverts commit e034b50363.
* Don't save CSRs and keys during dry run
* Factor out _test_obtain_certificate_common
* Add test_obtain_certificate_dry_run
* Wrap key from make_key in util.Key
* Wrap result from make_csr in util.CSR
* Pin oldest version of packaged python deps
* Install security extras in oldest tests
* Revert "bump requests requirement to >=2.10 (#4248)"
This reverts commit 402ad8b353.
* Use create=True when patching open on module
* Remove py26 oldest tests.
The only systems where we support Python 2.6 use certbot-auto so the oldest
supported versions of our dependencies are never used when using supported
installation methods. Let's remove this unnecessary and slow test.
* Make tox.ini happy
* Remove py26-oldest from Travis
* Highlight failures more with asterisks
* Filter out wildcard names from all_names
* Only test -ai, not -aie (no redirects)
* Modified versions of almost all of 79 configs corpus
* Re-enable now-working stanza with 301 redirect
* Change another redirect to go to :443
* Add TLS-SNI-01 support to Manual plugin
* Add environment variable CERTBOT_SNI_DOMAIN for manual-auth-hook
* Make AuthenticatorTest inherit from TempDirTestCase
* Add test_get_z_domain()
* Document CERTBOT_SNI_DOMAIN in docs/using.rst
Introduce a plugin that automates the process of completing a dns-01 challenge by creating, and subsequently removing, TXT records using RFC 2136 Dynamic Updates (a.k.a. nsupdate).
This plugin has been tested with BIND, but may work with other RFC 2136-compatible DNS servers, such as PowerDNS.
Implement an Authenticator which can fulfill a dns-01 challenge using
the LuaDNS API. Applicable only for domains using LuaDNS for DNS.
Testing Done:
* `tox -e py27`
* `tox -e lint`
* Manual testing:
* Used `certbot certonly --dns-luadns -d`, specifying a
credentials file as a command line argument. Verified that a
certificate was successfully obtained without user interaction.
* Negative testing:
* Path to non-existent credentials file.
* Credentials file with unsafe permissions (644).
* Path to credentials file without an email.
* Path to credentials file with an invalid email.
* Path to credentials file without a token.
* Path to credentials file with an invalid token.
* Domain name not registered to LuaDNS account.
