ervin/acme.sh
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix issuing certs

Browse Source 
I encountered a few problems after updating to new newest acme.sh.

First, I was getting "KeyID header contained an invalid account URL", because the "location:" wasn't getting stripped out of the KeyID header.
Next, I got an error where it didn't want to recognize the "authorizations" part of the JSON response. I fixed this by stripping newlines before searching for it.
Finally, it wasn't recognizing the "valid" status because there was a space after the colon (`"status": "valid"` instead of `"status":"valid"`).

I've tried to only use features that are used elsewhere in acme.sh to maintain compatibility with dash and sh, but I haven't tested with anything other than bash.
This commit is contained in:
Nunzio Tocci 2019-10-25 13:38:17 -05:00 committed by GitHub
parent 54143ae6d4
commit f13981b2e9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
acme.sh
View File

@ -1948,7 +1948,7 @@ _send_signed_request() {
if [ "$url" = "$ACME_NEW_ACCOUNT" ] || [ "$url" = "$ACME_REVOKE_CERT" ]; then if [ "$url" = "$ACME_NEW_ACCOUNT" ] || [ "$url" = "$ACME_REVOKE_CERT" ]; then
protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"jwk\": $jwk"'}' protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"jwk\": $jwk"'}'
else else
protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"kid\": \"${ACCOUNT_URL}\""'}' protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"kid\": \""$(echo "${ACCOUNT_URL}" | sed -e "s/location\\://")"\""'}'
fi fi
else else
protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"jwk\": $jwk"'}' protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"jwk\": $jwk"'}'
@ -3982,7 +3982,7 @@ issue() {
#for dns manual mode #for dns manual mode
_savedomainconf "Le_OrderFinalize" "$Le_OrderFinalize" _savedomainconf "Le_OrderFinalize" "$Le_OrderFinalize"
_authorizations_seg="$(echo "$response" | _egrep_o '"authorizations" *: *\[[^\]*\]' | cut -d '[' -f 2 | tr -d ']' | tr -d '"')" _authorizations_seg="$(echo "$response" | tr '\n' ' ' | _egrep_o '"authorizations" *: *\[[^\]*\]' | cut -d '[' -f 2 | tr -d ']' | tr -d '"')"
_debug2 _authorizations_seg "$_authorizations_seg" _debug2 _authorizations_seg "$_authorizations_seg"
if [ -z "$_authorizations_seg" ]; then if [ -z "$_authorizations_seg" ]; then
_err "_authorizations_seg not found." _err "_authorizations_seg not found."
@ -4480,7 +4480,7 @@ $_authorizations_map"
_link_cert_retry=0 _link_cert_retry=0
_MAX_CERT_RETRY=5 _MAX_CERT_RETRY=5
while [ "$_link_cert_retry" -lt "$_MAX_CERT_RETRY" ]; do while [ "$_link_cert_retry" -lt "$_MAX_CERT_RETRY" ]; do
if _contains "$response" "\"status\":\"valid\""; then if _contains "$response" "\"status\":\"valid\"" || _contains "$response" "\"status\": \"valid\""; then
_debug "Order status is valid." _debug "Order status is valid."
Le_LinkCert="$(echo "$response" | _egrep_o '"certificate" *: *"[^"]*"' | cut -d '"' -f 4)" Le_LinkCert="$(echo "$response" | _egrep_o '"certificate" *: *"[^"]*"' | cut -d '"' -f 4)"
_debug Le_LinkCert "$Le_LinkCert" _debug Le_LinkCert "$Le_LinkCert"