def db_acme_cert_issuance(session, tid):
priv_fact = ConfigFactory(session, tid)
hostname = State.tenant_cache[tid].hostname
# Temporary fix for https://github.com/certbot/certbot/issues/6246
# raw_accnt_key = priv_fact.get_val(u'acme_accnt_key')
raw_accnt_key = db_create_acme_key(session, tid)
if isinstance(raw_accnt_key, text_type):
raw_accnt_key = raw_accnt_key.encode()
accnt_key = serialization.load_pem_private_key(raw_accnt_key,
password=None,
backend=default_backend())
priv_key = priv_fact.get_val(u'https_priv_key')
tmp_chall_dict = State.tenant_state[tid].acme_tmp_chall_dict
# Run ACME registration all the way to resolution
cert_str, chain_str = letsencrypt.run_acme_reg_to_finish(
hostname, accnt_key, priv_key, hostname, tmp_chall_dict,
Settings.acme_directory_url)
priv_fact.set_val(u'https_cert', cert_str)
priv_fact.set_val(u'https_chain', chain_str)
State.tenant_cache[tid].https_cert = cert_str
State.tenant_cache[tid].https_chain = chain_str
def db_acme_cert_issuance(store):
hostname = GLSettings.memory_copy.hostname
raw_accnt_key = PrivateFactory(store).get_val('acme_accnt_key')
accnt_key = serialization.load_pem_private_key(str(raw_accnt_key),
password=None,
backend=default_backend())
priv_key = PrivateFactory(store).get_val('https_priv_key')
regr_uri = PrivateFactory(store).get_val('acme_accnt_uri')
csr_fields = {'CN': hostname}
# NOTE sha256 is always employed as hash fnc here.
csr = tls.gen_x509_csr(priv_key, csr_fields, 256)
# Run ACME registration all the way to resolution
cert_str, chain_str = letsencrypt.run_acme_reg_to_finish(hostname,
regr_uri,
accnt_key,
priv_key,
csr,
tmp_chall_dict,
GLSettings.acme_directory_url)
PrivateFactory(store).set_val('https_cert', cert_str)
PrivateFactory(store).set_val('https_chain', chain_str)
def db_acme_cert_issuance(session, tid):
priv_fact = ConfigFactory(session, tid)
hostname = State.tenant_cache[tid].hostname
# Temporary fix for https://github.com/certbot/certbot/issues/6246
# raw_accnt_key = priv_fact.get_val(u'acme_accnt_key')
raw_accnt_key = db_create_acme_key(session, tid)
if isinstance(raw_accnt_key, text_type):
raw_accnt_key = raw_accnt_key.encode()
accnt_key = serialization.load_pem_private_key(raw_accnt_key,
password=None,
backend=default_backend())
priv_key = priv_fact.get_val(u'https_priv_key')
tmp_chall_dict = State.tenant_state[tid].acme_tmp_chall_dict
# Run ACME registration all the way to resolution
cert_str, chain_str = letsencrypt.run_acme_reg_to_finish(hostname,
accnt_key,
priv_key,
hostname,
tmp_chall_dict,
Settings.acme_directory_url)
priv_fact.set_val(u'https_cert', cert_str)
priv_fact.set_val(u'https_chain', chain_str)
State.tenant_cache[tid].https_cert = cert_str
State.tenant_cache[tid].https_chain = chain_str
def db_acme_cert_issuance(session, tid):
priv_fact = ConfigFactory(session, tid, 'node')
hostname = State.tenant_cache[tid].hostname
raw_accnt_key = priv_fact.get_val(u'acme_accnt_key')
accnt_key = serialization.load_pem_private_key(str(raw_accnt_key),
password=None,
backend=default_backend())
priv_key = priv_fact.get_val(u'https_priv_key')
regr_uri = priv_fact.get_val(u'acme_accnt_uri')
csr_fields = {'CN': hostname}
# NOTE sha256 is always employed as hash fnc here.
csr = tls.gen_x509_csr(priv_key, csr_fields, 256)
tmp_chall_dict = State.tenant_state[tid].acme_tmp_chall_dict
# Run ACME registration all the way to resolution
cert_str, chain_str = letsencrypt.run_acme_reg_to_finish(
hostname, regr_uri, accnt_key, priv_key, csr, tmp_chall_dict,
Settings.acme_directory_url)
priv_fact.set_val(u'https_cert', cert_str)
priv_fact.set_val(u'https_chain', chain_str)
State.tenant_cache[tid].https_cert = cert_str
State.tenant_cache[tid].https_chain = chain_str
def db_acme_cert_issuance(session, tid):
priv_fact = ConfigFactory(session, tid, 'node')
hostname = State.tenant_cache[tid].hostname
raw_accnt_key = priv_fact.get_val(u'acme_accnt_key')
accnt_key = serialization.load_pem_private_key(raw_accnt_key.encode(),
password=None,
backend=default_backend())
priv_key = priv_fact.get_val(u'https_priv_key')
tmp_chall_dict = State.tenant_state[tid].acme_tmp_chall_dict
# Run ACME registration all the way to resolution
cert_str, chain_str = letsencrypt.run_acme_reg_to_finish(
hostname, accnt_key, priv_key, hostname, tmp_chall_dict,
Settings.acme_directory_url)
priv_fact.set_val(u'https_cert', cert_str)
priv_fact.set_val(u'https_chain', chain_str)
State.tenant_cache[tid].https_cert = cert_str
State.tenant_cache[tid].https_chain = chain_str