lucky version 2.2.16

index.js

@@ -312,6 +312,9 @@ Greenlock.create = function (gl) {
       if (!gl.approveDomains) {
         gl.approvedDomains = gl.approvedDomains || [];
         gl.approveDomains = function (lexOpts, certs, cb) {
+          var err;
+          var emsg;
+
           if (!gl.email) {
             throw new Error("le-sni-auto is not properly configured. Missing email");
           }
@@ -330,8 +333,12 @@ Greenlock.create = function (gl) {
             lexOpts.communityMember = lexOpts.communityMember;
             return cb(null, { options: lexOpts, certs: certs });
           }
-          log(gl.debug, 'unapproved domain', lexOpts.domains, gl.approvedDomains);
-          cb(new Error("unapproved domain"));
+
+          emsg = "tls SNI for '" + lexOpts.domains.join(',') + "' rejected: not in list '" + gl.approvedDomains + "'";
+          log(gl.debug, emsg, lexOpts.domains, gl.approvedDomains);
+          err = new Error(emsg);
+          err.code = 'E_REJECT_SNI';
+          cb(err);
         };
       }
 
@@ -343,7 +350,15 @@ Greenlock.create = function (gl) {
         try {
           gl.approveDomains(opts, certs, function (_err, results) {
             if (_err) {
-              log(gl.debug, 'gl.approveDomains called with error', _err);
+              if (false !== gl.logRejectedDomains) {
+                console.error("[Error] approveDomains rejected tls sni '" + domain + "'");
+                console.error("[Error] (see https://git.coolaj86.com/coolaj86/greenlock.js/issues/11)");
+                if ('E_REJECT_SNI' !== _err.code) {
+                  console.error("[Error] This is the rejection message:");
+                  console.error(_err.message);
+                }
+                console.error("");
+              }
               cb(_err);
               return;
             }
@@ -351,21 +366,30 @@ Greenlock.create = function (gl) {
             log(gl.debug, 'gl.approveDomains called with certs for', results.certs && results.certs.altnames || 'NONE', 'and options:');
             log(gl.debug, results.options);
 
-            var promise;
-
             if (results.certs) {
               log(gl.debug, 'gl renewing');
-              promise = gl.core.certificates.renewAsync(results.options, results.certs);
+              return gl.core.certificates.renewAsync(results.options, results.certs).then(
+                function (certs) { cb(null, certs); }
+              , function (e) {
+                  console.debug("Error renewing certificate for '" + domain + "':");
+                  console.debug(e);
+                  console.error("");
+                  cb(e);
+                }
+              );;
             }
             else {
               log(gl.debug, 'gl getting from disk or registering new');
-              promise = gl.core.certificates.getAsync(results.options);
-            }
-
-            return promise.then(function (certs) { cb(null, certs); }, function (e) {
-              if (gl.debug) { console.debug("Error"); console.debug(e); }
+              return gl.core.certificates.getAsync(results.options).then(
+                function (certs) { cb(null, certs); }
+              , function (e) {
+                  console.debug("Error loading/registering certificate for '" + domain + "':");
+                  console.debug(e);
+                  console.error("");
                   cb(e);
-            });
+                }
+              );
+            }
           });
         } catch(e) {
           console.error("[ERROR] Something went wrong in approveDomains:");

package.json

@@ -1,6 +1,6 @@
 {
   "name": "greenlock",
-  "version": "2.2.15",
+  "version": "2.2.16",
   "description": "Let's Encrypt for node.js on npm",
   "main": "index.js",
   "scripts": {