itronic / itr-acme-client Goto Github PK

Like the title goes, went through the code but couldn't find where exactly the data contained in $this->certAccountContact is being used.

Care to show me please ?

Thanks

Hi,

Thanks for the great script, once again!

I am trying to use cPannel to manually install a generated certificate

The generated certificates have the following form:

Array
(
    [RSA] => Array
        (
            [cert] => -----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAg....UhfIuYbDRHrwsJf3
-----END CERTIFICATE-----

            [chain] => -----BEGIN CERTIFICATE-----
MIIEkjCCA3qgAwIBAg...KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
-----END CERTIFICATE-----


            [key] => -----BEGIN PRIVATE KEY-----
MIIEvQIBADA....kLQxlpRkMXjOA2D3XUBGD08=
-----END PRIVATE KEY-----

            [pem] => -----BEGIN CERTIFICATE-----
MIIGODCC....UhfIuYbDRHrwsJf3
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEkjCCA3...DNFu0Qg==
-----END CERTIFICATE-----

-----BEGIN PRIVATE KEY-----
MIIEvQIB....kLQxlpRkMXjOA2D3XUBGD08=
-----END PRIVATE KEY-----

        )

    [EC] => Array
        (
            [cert] => -----BEGIN CERTIFICATE-----
MIIFbjCCBFag...sbztJbcTL/A=
-----END CERTIFICATE-----

            [chain] => -----BEGIN CERTIFICATE-----
MIIEkjCCA.....DNFu0Qg==
-----END CERTIFICATE-----


            [key] => -----BEGIN EC PRIVATE KEY-----
MHcCAQE...s8Bnydfw==
-----END EC PRIVATE KEY-----

            [ecparams] => -----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----

            [pem] => -----BEGIN CERTIFICATE-----
MIIFbjCCBF....R3jsb4YejZsbztJbcT
L/A=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEkjCCA.../DNFu0Qg==
-----END CERTIFICATE-----

-----BEGIN EC PRIVATE KEY-----
MHcCAQEEI...Bnydfw==
-----END EC PRIVATE KEY-----
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----

        )

)

Then cPanel asks for the following three:

1. Certificate
2. Private Key
3. CA Bundle

Ref: https://dab1nmslvvntp.cloudfront.net/wp-content/uploads/2017/08/1504074026certificates-1024x658.jpg

The private key is named the same and easy to map,

But there are many values marked with BEGIN CERTIFICATE and I am not which values I am supposed to copy

Hi,

Thanks for the library. It's currently the closest simple thing that works without many requirements that are hard to get.

I am, however, facing some errors or issues from the logs (though it seems to complete the request)

The simplelog:

2018-04-01 18:10:26 [info] Loaded SCT Log Server with 0 and 0 operators.
2018-04-01 18:10:26 [debug] Save SCT Log Servers to cache: /tmp/etc/accounts/myaccount/sct_cache.json
2018-04-01 18:10:28 [debug] Can't get SCT entry from server: Google 'Rocketeer' log {
"error_message": "Invalid Request.",
"success": false
}

2018-04-01 18:10:28 [debug] Can't get SCT entry from server: Cloudflare 'Nimbus2018' Log Method Not Allowed
method not allowed: GET

2018-04-01 18:10:29 [debug] Can't get SCT entry from server: Google 'Argon2018' log Bad Request
failed to verify add-chain contents: chain failed to verify: {[[ ...some digits here... ]]} because: x509: certificate signed by unknown authority

2018-04-01 18:10:35 [debug] Can't get SCT entry from server: Cloudflare 'Nimbus2018' Log Method Not Allowed
method not allowed: GET

2018-04-01 18:10:36 [debug] Can't get SCT entry from server: Google 'Pilot' log {
"error_message": "Invalid Request.",
"success": false
}

2018-04-01 18:10:36 [notice] We don't have enough SCT log entries or different operators.

My error.log file has the following:

[01-Apr-2018 18:10:26 America/New_York] PHP Notice: Undefined index: logs in /home/myhomedirectory/public_html/cert/src/itr-acme-client.php on line 857
[01-Apr-2018 18:10:26 America/New_York] PHP Warning: count(): Parameter must be an array or an object that implements Countable in /home/myhomedirectory/public_html/cert/src/itr-acme-client.php on line 857
[01-Apr-2018 18:10:26 America/New_York] PHP Notice: Undefined index: operators in /home/myhomedirectory/public_html/cert/src/itr-acme-client.php on line 857
[01-Apr-2018 18:10:26 America/New_York] PHP Warning: count(): Parameter must be an array or an object that implements Countable in /home/myhomedirectory/public_html/cert/src/itr-acme-client.php on line 857

Any idea what I can do to fix this?

Like the title goes, went through the code but couldn't find where exactly the data contained in $this->certAccountContact is being used.

Care to show me please ?

Thanks

Only regenerate without remain time check...

Can you please implement this? or may be I miss how to use it? (for cron using)

I have something like this, but it is the worsted temporary way

if (file_exists($iac->certDir . '/cert.crt')) {
    $until = exec("openssl x509 -text -in ".$iac->certDir . '/cert.crt'." | grep -o 'Not After :[^,]*'");  $until = strtotime(mb_substr($until,12));
    if (time()<$until-86400*30) { echo "Not now\n"; die; }
}

Worked perfect until now few years

Sending signed request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order
{
"type": "urn:ietf:params:acme:error:malformed",
"detail": "Method not allowed",
"status": 405
}PHP Notice: Undefined index: identifier in /data/nfs/project.com/server/acme/v1/src/itr-acme-client.php on line 517
PHP Notice: Trying to access array offset on value of type null in /data/nfs/knpzken_ru/server/acme/v1/src/itr-acme-client.php on line 517
PHP Notice: Undefined index: challenges in /data/nfs/project.com/server/acme/v1/src/itr-acme-client.php on line 521
PHP Warning: Invalid argument supplied for foreach() in /data/nfs/project.com/server/acme/v1/src/itr-acme-client.php on line 521

Hello

Good day, Kindly do explain how to use these 2 methods checkHTTPChallenge($domain, $token, $keyAuthorization) and checkDNSChallenge($domain, $DNSDigest)

From there names, easy to spot their role but some parameters BUT having issue with some of their parameters for instance, for checkDNSChallenge($domain, $DNSDigest) requiring 2 parameters $domain, and $DNSDigest , I know the $domain is the domain requiring the verification e.g example.com

BUT what about the second parameter $DNSDigest ? What's it and what am I supposed to fill it in with.

Same with checkHTTPChallenge($domain, $token, $keyAuthorization) where I understands the first parameter but not the rest.

Kindly help please