coolaj86
/
acme.js
mirror of https://github.com/therootcompany/acme.js.git
1
0
Fork 0
Code Issues 1 Projects Releases Wiki Activity

fix: poll order status, not finalize status

This commit is contained in:
AJ ONeal 2024-05-13 12:23:36 -06:00
parent 005b496054
commit 61a435d6c2
No known key found for this signature in database
GPG Key ID: F1D692A76F70CF98
1 changed files with 129 additions and 97 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
index.js
View File

@ -900,9 +900,15 @@ ACME._finalizeOrder = function (me, options, validatedDomains) {
var csr = me.RSA.generateCsrWeb64(options.domainKeypair, validatedDomains); var csr = me.RSA.generateCsrWeb64(options.domainKeypair, validatedDomains);
var body = { csr: csr }; var body = { csr: csr };
var payload = JSON.stringify(body); var payload = JSON.stringify(body);
var tried = false;
var orderUrl = '';
function pollCert() { function pollCert() {
var jws = me.RSA.signJws( var certReq;
var jws;
if (!tried) {
tried = true;
jws = me.RSA.signJws(
options.accountKeypair, options.accountKeypair,
undefined, undefined,
{ {
@ -913,22 +919,44 @@ ACME._finalizeOrder = function (me, options, validatedDomains) {
}, },
Buffer.from(payload) Buffer.from(payload)
); );
certReq = {
method: 'POST',
url: me._finalize,
headers: { 'Content-Type': 'application/jose+json' },
json: jws
};
} else {
jws = me.RSA.signJws(
options.accountKeypair,
undefined,
{
nonce: me._nonce,
alg: me._alg || 'RS256',
url: orderUrl,
kid: me._kid
},
''
);
certReq = {
method: 'POST',
url: orderUrl,
headers: { 'Content-Type': 'application/jose+json' },
json: jws
};
}
if (me.debug) { if (me.debug) {
console.debug('finalize:', me._finalize); console.debug('finalize:', me._finalize);
} }
me._nonce = null; me._nonce = null;
return me
._request({ return me._request(certReq).then(function (resp) {
method: 'POST',
url: me._finalize,
headers: { 'Content-Type': 'application/jose+json' },
json: jws
})
.then(function (resp) {
// https://tools.ietf.org/html/draft-ietf-acme-acme-12#section-7.1.3 // https://tools.ietf.org/html/draft-ietf-acme-acme-12#section-7.1.3
// Possible values are: "pending" => ("invalid" || "ready") => "processing" => "valid" // Possible values are: "pending" => ("invalid" || "ready") => "processing" => "valid"
me._nonce = resp.toJSON().headers['replay-nonce']; me._nonce = resp.toJSON().headers['replay-nonce'];
if (resp.headers.location) {
orderUrl = resp.headers.location;
}
if (me.debug) { if (me.debug) {
console.debug('order finalized: resp.body:'); console.debug('order finalized: resp.body:');
@ -1177,7 +1205,11 @@ ACME._getCertificate = function (me, options) {
me._authorizations = resp.body.authorizations; me._authorizations = resp.body.authorizations;
me._order = location; me._order = location;
me._finalize = resp.body.finalize; me._finalize = resp.body.finalize;
//if (me.debug) console.debug('[DEBUG] finalize:', me._finalize); return; if (me.debug)
console.debug('[DEBUG] pre-finalize:', resp.headers);
if (me.debug) console.debug('[DEBUG] pre-finalize:', resp.body);
if (me.debug)
console.debug('[DEBUG] pre-finalize:', me._finalize);
if (!me._authorizations) { if (!me._authorizations) {
return Promise.reject( return Promise.reject(