@ -756,12 +756,8 @@ ACME._postChallenge = function (me, options, kid, auth) {
altname : altname
} ) ;
if ( 'processing' === resp . body . status ) {
//#console.debug('poll: again', auth.url);
return ACME . _ wait ( RETRY_INTERVAL ) . then ( pollStatus ) ;
}
// This state should never occur
// State can be pending while waiting ACME server to transition to
// processing
if ( 'pending' === resp . body . status ) {
if ( count >= MAX_PEND ) {
return ACME . _ wait ( RETRY_INTERVAL )
@ -769,7 +765,12 @@ ACME._postChallenge = function (me, options, kid, auth) {
. then ( respondToChallenge ) ;
}
//#console.debug('poll: again', auth.url);
return ACME . _ wait ( RETRY_INTERVAL ) . then ( respondToChallenge ) ;
return ACME . _ wait ( RETRY_INTERVAL ) . then ( pollStatus ) ;
}
if ( 'processing' === resp . body . status ) {
//#console.debug('poll: again', auth.url);
return ACME . _ wait ( RETRY_INTERVAL ) . then ( pollStatus ) ;
}
// REMOVE DNS records as soon as the state is non-processing
@ -1012,73 +1013,84 @@ ACME._pollOrderStatus = function (me, options, kid, order, verifieds) {
var body = { csr : csr64 } ;
var payload = JSON . stringify ( body ) ;
function pollCert ( ) {
//#console.debug('[ACME.js] pollCert:', order._finalizeUrl);
return U . _ jwsRequest ( me , {
accountKey : options . accountKey ,
url : order . _ finalizeUrl ,
protected : { kid : kid } ,
payload : Enc . strToBuf ( payload )
} ) . then ( function ( resp ) {
ACME . _ notify ( me , options , 'certificate_status' , {
subject : options . domains [ 0 ] ,
status : resp . body . status
} ) ;
// https://tools.ietf.org/html/draft-ietf-acme-acme-12#section-7.1.3
// Possible values are: "pending" => ("invalid" || "ready") => "processing" => "valid"
if ( 'valid' === resp . body . status ) {
var voucher = resp . body ;
voucher . _ certificateUrl = resp . body . certificate ;
function processResponse ( resp ) {
ACME . _ notify ( me , options , 'certificate_status' , {
subject : options . domains [ 0 ] ,
status : resp . body . status
} ) ;
return voucher ;
}
// https://tools.ietf.org/html/draft-ietf-acme-acme-12#section-7.1.3
// Possible values are: "pending" => ("invalid" || "ready") => "processing" => "valid"
if ( 'valid' === resp . body . status ) {
var voucher = resp . body ;
voucher . _ certificateUrl = resp . body . certificate ;
if ( 'processing' === resp . body . status ) {
return ACME . _ wait ( ) . then ( pollCert ) ;
}
return voucher ;
}
if ( me . debug ) {
console . debug (
'Error: bad status:\n' + JSON . stringify ( resp . body , null , 2 )
) ;
}
if ( 'processing' === resp . body . status ) {
return ACME . _ wait ( ) . then ( pollStatus ) ;
}
if ( 'pending' === resp . body . status ) {
return Promise . reject (
new Error (
"Did not finalize order: status 'pending'." +
' Best guess: You have not accepted at least one challenge for each domain:\n' +
"Requested: '" +
options . domains . join ( ', ' ) +
"'\n" +
"Validated: '" +
verifieds . join ( ', ' ) +
"'\n" +
JSON . stringify ( resp . body , null , 2 )
)
) ;
}
if ( me . debug ) {
console . debug (
'Error: bad status:\n' + JSON . stringify ( resp . body , null , 2 )
) ;
}
if ( 'invalid' === resp . body . status ) {
return Promise . reject (
E . ORDER_INVALID ( options , verifieds , resp )
) ;
}
if ( 'pending' === resp . body . status ) {
return Promise . reject (
new Error (
"Did not finalize order: status 'pending'." +
' Best guess: You have not accepted at least one challenge for each domain:\n' +
"Requested: '" +
options . domains . join ( ', ' ) +
"'\n" +
"Validated: '" +
verifieds . join ( ', ' ) +
"'\n" +
JSON . stringify ( resp . body , null , 2 )
)
) ;
}
if ( 'ready' === resp . body . status ) {
return Promise . reject (
E . DOUBLE_READY_ORDER ( options , verifieds , resp )
) ;
}
if ( 'invalid ' === resp . body . status ) {
return Promise . reject (
E . ORDER_INVALID ( options , verifieds , resp )
) ;
}
if ( 'ready' === resp . body . status ) {
return Promise . reject (
E . UNHANDLED_ORDER_STATUS ( options , verifieds , resp )
E . DOUB LE_REA DY _ORDER ( options , verifieds , resp )
) ;
} ) ;
}
return Promise . reject (
E . UNHANDLED_ORDER_STATUS ( options , verifieds , resp )
) ;
}
function pollStatus ( ) {
return U . _ jwsRequest ( me , {
accountKey : options . accountKey ,
url : order . _ orderUrl ,
protected : { kid : kid } ,
payload : Enc . binToBuf ( '' )
} ) . then ( processResponse ) ;
}
function finalizeOrder ( ) {
//#console.debug('[ACME.js] pollCert:', order._finalizeUrl);
return U . _ jwsRequest ( me , {
accountKey : options . accountKey ,
url : order . _ finalizeUrl ,
protected : { kid : kid } ,
payload : Enc . strToBuf ( payload )
} ) . then ( processResponse ) ;
}
return pollCert ( ) ;
return finalizeOrder ( ) ;
} ;
ACME . _ redeemCert = function ( me , options , kid , voucher ) {