Comments (25)
Default pfx password is just poshacme
. It should also be a viewable property on the PAOrder object returned by things like Get-PAOrder
and is settable with Set-PAOrder
.
from posh-acme.
Hey @Gibonnn, thanks for reaching out. I'm sure it's possible to update the plugin. I'll need to purchase a domain to get access to test with though unless you feel like sharing an existing API key with me. And I can't give a definitive timeframe as I'm about to go out of town for a week.
from posh-acme.
I can't seem to find any references from the Active24 website to this websupport.sk API. All the support documentation still seems to link to the original API. Even the customer center still has my old API tokens there.
https://faq.active24.com/eng/739445-REST-API-for-developers?l=en-US
from posh-acme.
The current API is also still working for me for things like payment history queries. Where are you hearing they have a new management system and that the old API is no longer working?
from posh-acme.
If anything, websupport.sk seems to be its own separate provider. Or is this some sort of rebranding from Active24 to WebSupport.sk?
from posh-acme.
Hi,
Thanks for quick check. Yes websupport.sk and websupport.cz is a new management system for Active24. They also mention it on their website, but maybe that only affects Czech customers, like me. I have to take a closer look again and maybe contact their support.
For my domain hosted there I cant create any cert with the script, it tells me it cant find the zone for the dns challenge, but I know its there.
Sorry Im also leaving for 4 days now and cant provide any error messages now. Will ping when Im back.
Cheers!
from posh-acme.
Here is the info about the change in English.
https://www.active24.com/en/about/active-24-moving-to-new-platform
from posh-acme.
Thanks. That explains why my own account may not have been moved yet. But basically it seems like I just need to develop a new plugin for WebSupport.sk in general and that should cover anyone already there or anyone from Active24 who has been moved already.
from posh-acme.
yea I guess so. Think thats feasable for you? In case, I could at least save you the bucks and pay some dummy domain.
Happy Easter! .)
from posh-acme.
Definitely feasible. I might even be able to whip up a draft plugin before I take off on my trip. It looks like the cheapest TLD there is about 3 EUR right now. I can take care of purchasing the domain. But if you feel like tossing a few bucks my way via the Github sponsors link, that would be appreciated.
from posh-acme.
Sounds great! Yea, I will send some hello card your way ;)
from posh-acme.
Just as a status update, I have working code that can authenticate to the WebSupport API now. But my domain registration is stalled pending some identity verification on their end. So I can't get much further until they validate some documents I sent.
from posh-acme.
Domain registration all set. But now I'm running into some rough edges with their API. In particular, there are only 4 basic DNS operations. But all of them require a service
parameter which is apparently an internal ID for the domain in their system. But there does not appear to be a way to use the API to query the list of available services on an account.
So with the new plugin, you're going to have to first look up the service IDs in the GUI control panel associated with the domains in your certificate. Then you'll have to pass them as part of the PluginArgs hashtable you send along with the API credentials. The old Active24 API didn't require this because you could just use the domain name directly in the query.
Their docs and the current functionality of the API also don't quite match up in certain places. So it's a bit slower than it should be figuring out how things are supposed to work. The GET request for records in web-based Swagger testing tool doesn't actually work because it has mandatory filtering values in the Body of the GET request and then complains that GETs aren't allowed to have a Body.
None of this is your problem, btw. I'm just sort of thinking out loud as I work through the process to create this plugin.
from posh-acme.
Ugh, there's also no surefire way to determine what domain a given service ID is associated with. You can infer based on the records that exist in the zone. But if the zone is empty, you're stuck because the GET records query won't return any data with the domain name in it.
from posh-acme.
Hey @Gibonnn, give this draft plugin a try. You can just download the file and throw it into the existing Plugins folder.
https://github.com/rmbolger/Posh-ACME/blob/websupport/Posh-ACME/Plugins/WebsupportSK.ps1
And here's a link to the draft usage guide if you need it.
https://github.com/rmbolger/Posh-ACME/blob/websupport/docs/Plugins/WebsupportSK.md
Once you have the plugin installed and force re-import the module, here's how you can switch the plugin on an existing Posh-ACME order.
$pArgs = @{
WskCredential = Get-Credential # username is API Identifier, password is API Secret
WskServiceId = '12345','23456' # These are the domain IDs from the web portal
}
Set-PAOrder example.com -Plugin WebsupportSK -PluginArgs $pArgs -DnsSleep 300
from posh-acme.
Cool, I will check it out hopefully tonight.
Thanks!!
from posh-acme.
I sent an email to support asking about some feature requests to the API to make it less cumbersome to use. Apparently, this v2 version of the API is still pretty new and missing a lot of features that used to exist in v1 they haven't implemented yet.
I'll have to see if I can combine using v1 and v2 so you don't have to do things like specify the Service ID for your domains in the plugin args. But the existing draft plugin should still work for the time being.
from posh-acme.
Ok, updated the draft version and it no longer requires specifying the service IDs. You can now use it like this:
$pArgs = @{
WskCredential = Get-Credential # username is API Identifier, password is API Secret
}
Set-PAOrder example.com -Plugin WebsupportSK -PluginArgs $pArgs -DnsSleep 300
from posh-acme.
Ryan, I did not have a chance to try it yet. Me and my wife and daughter have returned yesterday evening after 3 days of Handball tournament that my son played.
Thanks for your work and I will let you know the outcome when I can.
Cheeeeers
from posh-acme.
Hi Ryan,
just tried as adviced and nothing happened. Right after I hit enter I got empty line, no error, info, nothing.
Rg
from posh-acme.
Sorry for the confusion. The Set-PAOrder command just changes the active plugin details for that order. If you now want to try renewing the cert, you’d need to run Submit-Renewal as normal or let your scheduled task do it if you have one setup.
from posh-acme.
OK WIth New-PACertificate everything went well and its working fine! I got my certifikace nice and shiny.
Thanks a lot!
from posh-acme.
Excellent! Happy to hear it. I’ll try and wrap everything up into a new release when I get back from my own trip.
from posh-acme.
Sure, thanks again! I have sent some coffee money for the great help.
Just one more question - what would be the password for the PFX file to import? I found something like "PfxPassB64U" in the order.json, but that one is not accepted by Windows import wizard.
Cheers, enjoy your trip .)
from posh-acme.
Related Issues (20)
- Set-PAOrder revokes certificate when -Force used, even with -RevokeCert:$false HOT 1
- [WebRoot Plugin] Support for Network Share Credentials HOT 3
- Is there a reason that the (Get-PACertificate).RenewAfter property is a [System.String] when the NotBefore and NotAfter are [datetime]? HOT 2
- How to use with PowerDNS, can't fins DNS-plugin? HOT 12
- Feedback Request: Dropping Support for PowerShell 5.1 HOT 5
- 1year / 365 days cert ZeroSSL (aka Lifetime LifetimeDays variable) HOT 8
- WEDOS DNS support ? HOT 5
- Multiple Accounts with DigiCert HOT 4
- Cloudflare Plug In fails to convert String to SecureString HOT 7
- Submit-Renewal doesn't appear to follow ErrorAction HOT 2
- Is there a full list of supported fields for -Subject? HOT 3
- 404 on Submit-ChallengeValidation when using LetsEncrypt Staging HOT 1
- OVH plugin using DnsAlias fails if not using subdomain of the OVHdomain HOT 2
- Trying to use ZeroSSL HOT 4
- Problem with OVH plugin for creating/renewing certificates HOT 8
- Error requesting certificate with WebRoot plugin HOT 5
- FullChainFile doesn't contain ISRG Root X1 HOT 9
- Pull cert into local certificate store using FQDN and Subsequent renew HOT 5
- CmdLets Repeatedly asking for DNS Text Records HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from posh-acme.