passes register and get, refactored renew

This commit is contained in:
AJ ONeal 2016-08-09 15:38:18 -04:00
parent dad5aca9ff
commit 9c4b1fd43e
1 changed files with 51 additions and 26 deletions

View File

@ -268,12 +268,58 @@ module.exports.create = function (le) {
}); });
} }
// Certificates // Certificates
, renewAsync: function (args) { , renewAsync: function (args, certs) {
// TODO fetch email address (accountBydomain) if not present var renewableAt = core.certificates._getRenewableAt(args, certs);
//var halfLife = (certs.expiresAt - certs.issuedAt) / 2;
//var renewable = (Date.now() - certs.issuedAt) > halfLife;
log(args.debug, "(Renew) Expires At", new Date(certs.expiresAt).toISOString());
log(args.debug, "(Renew) Renewable At", new Date(renewableAt).toISOString());
if (!args.duplicate && Date.now() < renewableAt) {
return PromiseA.reject(new Error(
"[ERROR] Certificate issued at '"
+ new Date(certs.issuedAt).toISOString() + "' and expires at '"
+ new Date(certs.expiresAt).toISOString() + "'. Ignoring renewal attempt until '"
+ new Date(renewableAt).toISOString() + "'. Set { duplicate: true } to force."
));
}
// Either the cert has entered its renewal period
// or we're forcing a refresh via 'dupliate: true'
log(args.debug, "Renewing!");
// TODO fetch email address / accountId (accountBydomain) if not present
// store.config.getAsync(args.domains).then(function (config) { /*...*/ }); // store.config.getAsync(args.domains).then(function (config) { /*...*/ });
if (!args.domains || (args.domains.length || 0) <= 2) {
// this is a renewal, therefore we should renewal ALL of the domains
// associated with this certificate, unless args.domains is a list larger
// than example.com,www.example.com
// TODO check www. prefix
args.domains = certs.altnames;
if (Array.isArray(certs.domains) && certs.domains.length) {
args.domains = certs.domains;
}
}
return core.certificates.registerAsync(args); return core.certificates.registerAsync(args);
} }
// Certificates // Certificates
, _isRenewable: function (args, certs) {
var renewableAt = core.certificates._getRenewableAt(args, certs);
log(args.debug, "Check Expires At", new Date(certs.expiresAt).toISOString());
log(args.debug, "Check Renewable At", new Date(renewableAt).toISOString());
if (args.duplicate || Date.now() >= renewableAt) {
return true;
}
return false;
}
, _getRenewableAt: function (args, certs) {
return certs.expiresAt - le.renewWithin;
}
, checkAsync: function (args) { , checkAsync: function (args) {
var copy = utils.merge(args, le); var copy = utils.merge(args, le);
utils.tplCopy(copy); utils.tplCopy(copy);
@ -299,32 +345,11 @@ module.exports.create = function (le) {
return core.certificates.registerAsync(args); return core.certificates.registerAsync(args);
} }
var renewableAt = certs.expiresAt - le.renewWithin; if (core.certificates._isRenewable(args, certs)) {
//var halfLife = (certs.expiresAt - certs.issuedAt) / 2; certs._renewing = core.certificates.renewAsync(args, certs);
//var renewable = (Date.now() - certs.issuedAt) > halfLife;
log(args.debug, "Expires At", new Date(certs.expiresAt).toISOString());
log(args.debug, "Renewable At", new Date(renewableAt).toISOString());
if (args.duplicate || Date.now() >= renewableAt) {
// The cert is more than half-expired
// We're forcing a refresh via 'dupliate: true'
log(args.debug, "Renewing!");
if (Array.isArray(certs.domains) && certs.domains.length && args.domains.length <= 2) {
// this is a renewal, therefore we should renewal ALL of the domains
// associated with this certificate, unless args.domains is a list larger
// than example.com,www.example.com
// TODO check www. prefix
args.domains = certs.domains;
}
return core.certificates.renewAsync(args);
} }
return PromiseA.reject(new Error( return certs;
"[ERROR] Certificate issued at '"
+ new Date(certs.issuedAt).toISOString() + "' and expires at '"
+ new Date(certs.expiresAt).toISOString() + "'. Ignoring renewal attempt until '"
+ new Date(renewableAt).toISOString() + "'. Set { duplicate: true } to force."
));
}).then(function (results) { }).then(function (results) {
// returns pems // returns pems
return results; return results;