authorsiddharth <s@ricketyspace.net>2021-04-16 21:22:35 -0400
committersiddharth <s@ricketyspace.net>2021-04-16 21:22:35 -0400
commit117bd824368ee1712f4095b405184ca13dad982b (patch)
tree4a0954179a997ac661b22daf98ec808a1bdd0738 /acmens.py
parent89d5ecba4d10a6214760a127eefed3394a4bf081 (diff)
acmens.py: update sign_csr
* acmens.py (sign_csr): Update _do_challenge; add handling to fallback to http-01 challenge if dns-01 is preferred but not available.
Diffstat (limited to 'acmens.py')
-rw-r--r--acmens.py16
1 files changed, 14 insertions, 2 deletions
diff --git a/acmens.py b/acmens.py
index 9946ba1..1a856c0 100644
--- a/acmens.py
+++ b/acmens.py
@@ -134,8 +134,20 @@ def sign_csr(account_key, csr, email=None, challenge_type="http"):
)
domain = chl_result["identifier"]["value"]
- type_id = "dns-01" if challenge_type == "dns" else "http-01"
- challenge = [c for c in chl_result["challenges"] if c["type"] == type_id][0]
+ # Choose challenge.
+ preferred_type = "dns-01" if challenge_type == "dns" else "http-01"
+ challenge = None
+ http_challenge = None
+ for c in chl_result["challenges"]:
+ if c["type"] == preferred_type:
+ challenge = c
+ if c["type"] == "http-01":
+ http_challenge = c
+ if challenge is None:
+ if http_challenge is None:
+ sys.stderr.write("Error: Unable to find challenges!")
+ sys.exit(1)
+ challenge = http_challenge # Fallback to http challenge.
keyauthorization = "{0}.{1}".format(challenge["token"], thumbprint)
dns_payload = _b64(hashlib.sha256(keyauthorization.encode()).digest())
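Review bot: The fallback at `challenge = http_challenge` moves a caller who asked for dns-01 onto http-01 without any notice, and nothing in the hunk records which type was actually selected. sign_csr continues outside this hunk; if that later code still branches on `challenge_type`, the user would be given DNS TXT instructions for an http-01 token and validation would fail, so it should branch on `challenge["type"]` instead. A one-line notice before the fallback, such as `sys.stderr.write("dns-01 not offered for {0}; falling back to http-01\n".format(domain))`, makes the downgrade visible to operators who chose DNS because port 80 is not reachable. The `"Error: Unable to find challenges!"` message also lacks a trailing newline and does not name the domain.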