for (Authorization auth : order.getAuthorizations()) { authorize(auth); order.execute(csrb.getEncoded()); while (order.getStatus() != Status.VALID && attempts-- > 0) { if (order.getStatus() == Status.INVALID) { throw new AcmeException("Order failed... Giving up."); order.update(); Certificate certificate = order.getCertificate();
order.execute(certificateRequest); } catch (AcmeException e) { LOGGER.error("Problem executing the cert request", e); while (order.getStatus() != Status.VALID && count < 6) { if (order.getStatus() == Status.INVALID) { throw new LetsencryptException("The order failed"); try { LOGGER.info("Updating the status"); order.update(); } catch (AcmeException e) { LOGGER.error("Problem updating the order status", e); throw new LetsencryptException("Problem updating the order status", e); LOGGER.info("[{}] Current order status: {}", count, order.getStatus()); ++count; if (order.getStatus() != Status.VALID) { LOGGER.error("Order status is still not valid after 1 minute. Status is {} ; problem is {} ; json: {}", order.getStatus(), order.getError(), order.getJSON().toString()); throw new LetsencryptException("Order status is still not valid after 1 minute. Status is " + order.getStatus()); Certificate certificate = order.getCertificate(); X509Certificate cert = certificate.getCertificate(); return new RSACertificate(cert);
public CompletableFuture<CertAndSigningRequest> finalizeOrder(ProxyOrder order, KeyPair accountKeyPair, String email, String domain, String organization) { Stream<Authorization> stream = order.getOrder().getAuthorizations().stream(); Stream<CompletableFuture<Void>> futures = stream.map( (auth) -> processChallenge(auth)); CompletableFuture<List<Void>> results = futures.collect(CompletableFutureCollector.allOf()); return results.thenCompose( (nothing) -> finalizeOrder(order, domain, organization, accountKeyPair) ); }
/** * Returns the maximum validity period of each certificate, or {@code null}. * * @since 2.3 */ @CheckForNull public Duration getRecurrentCertificateValidity() { return getJSON().get("recurrent-certificate-validity") .optional() .map(Value::asDuration) .orElse(null); }
/** * Returns a {@link Problem} document if the order failed. */ @CheckForNull public Problem getError() { return getJSON().get("error").map(v -> v.asProblem(getLocation())).orElse(null); }
@Override public Tuple2<Order, Dns01Challenge> challengeInit(String domainName) { AssertTools.assertNotNull(account, "You need to log in first"); Order order; try { order = account.newOrder() // .domains(domainName) // .create(); } catch (AcmeException e) { LOGGER.error("Could not ask for domain {}", domainName, e); throw new LetsencryptException("Could not ask for domain " + domainName, e); } // Get the DNS challenge Dns01Challenge challenge = null; List<String> availableChallenges = new ArrayList<>(); for (Authorization auth : order.getAuthorizations()) { auth.getChallenges().stream().map(it -> it.getType()).forEach(it -> availableChallenges.add(it)); challenge = auth.findChallenge(Dns01Challenge.TYPE); } if (challenge == null) { throw new LetsencryptException("DNS Challenge not found for " + domainName + " ; Available challenges are: [" + Joiner.on(", ").join(availableChallenges) + "]"); } return new Tuple2<>(order, challenge); }
/** * Checks if this order is recurrent, according to the ACME STAR specifications. * * @since 2.3 */ public boolean isRecurrent() { return getJSON().get("recurrent") .optional() .map(Value::asBoolean) .orElse(false); }
/** * Returns a {@link Problem} document if the order failed. */ @CheckForNull public Problem getError() { return getJSON().get("error").map(v -> v.asProblem(getLocation())).orElse(null); }
order.execute(csr); while (order.getStatus() != Status.VALID) { Thread.sleep(3000L); order.update(); Certificate cert = order.getCertificate();
private void checkAuthStatii(Order order) { for(Authorization auth : order.getAuthorizations()) { Status status = auth.getStatus(); log.info("checking auth="+auth.getDomain()+" status="+status+" location="+auth.getLocation()+" expires="+auth.getExpires()); if(status != Status.PENDING) throw new ChallengeInBadStateException("challenge in bad state="+auth.getJSON()); } }
/** * Returns {@code true} if STAR certificates from this order can also be fetched via * GET requests. * * @since 2.6 */ public boolean isRecurrentGetEnabled() { return getJSON().get("recurrent-certificate-get") .optional() .map(Value::asBoolean) .orElse(false); }
for (Authorization auth : order.getAuthorizations()) { authorize(auth); order.execute(csrb.getEncoded()); while (order.getStatus() != Status.VALID && attempts-- > 0) { if (order.getStatus() == Status.INVALID) { throw new AcmeException("Order failed... Giving up."); order.update(); Certificate certificate = order.getCertificate();
/** * @return The list of challenges with tokens to create webpages for that remote end will call to verify we own the domain */ public CompletableFuture<ProxyOrder> placeOrder(URL accountUrl, KeyPair accountKeyPair) { try { log.info("reestablish account from location="+accountUrl+" and keypair"); Session session = new Session("acme://letsencrypt.org/staging"); Login login = session.login(accountUrl, accountKeyPair); Account account = login.getAccount(); log.info("create an order"); String domainTemp = "something.com"; Order order = account.newOrder() .domain(domainTemp) .create(); checkAuthStatii(order); List<ProxyAuthorization> auths = new ArrayList<>(); for(Authorization auth : order.getAuthorizations()) auths.add(new ProxyAuthorization(auth)); return CompletableFuture.completedFuture(new ProxyOrder(order, auths)); } catch (AcmeException e) { throw new RuntimeException(e); } }
/** * Returns the maximum validity period of each certificate, or {@code null}. * * @since 2.3 */ @CheckForNull public Duration getRecurrentCertificateValidity() { return getJSON().get("recurrent-certificate-validity") .optional() .map(Value::asDuration) .orElse(null); }
final Account account = new AccountBuilder().agreeToTermsOfService().useKeyPair(userKeyPair).create(session); final Order order = account.newOrder().domains(config.getDomains().trim().split(",")).create(); final boolean updated = order.getAuthorizations().stream().map(authorization -> { try { return authorize(authorization); order.execute(csrBuilder.getEncoded()); while (order.getStatus() != Status.VALID && attempts-- > 0) { if (order.getStatus() == Status.INVALID) { throw new AcmeException("Order failed... Giving up."); order.update(); final Certificate certificate = order.getCertificate(); getLogger().info("Got new certificate " + certificate.getLocation() + " for domain(s) " + config.getDomains());
/** * Gets the expiry date of the authorization, if set by the server. */ @CheckForNull public Instant getExpires() { return getJSON().get("expires").map(Value::asInstant).orElse(null); }