root
/
greenlock-cli.js
mirror da https://git.coolaj86.com/coolaj86/greenlock-cli.js
2
0
Forka 0
Codice Problemi 2 Rilasci Wiki Attività

Skipping verification #2

Nuovo Problema
Aperto
aperto 2020-07-26 17:57:53 +00:00 da Ghost · 5 commenti
Ghost 2020-07-26 17:57:53 +00:00 ha commentato
Copia link

Hi, AJ,

Haven't been in touch for a while, but I'm still using the Greenlock CLI client, which has been serving me well.

I've hit a bit of a snag with the pre-flight checks: they don't work in our setup, because we serve different DNS externally to internally and there is some port forwarding going on.

I can see the ACME library has options to skip the checks (skipChallengeTests and skipDryRun) but as far as I can tell these aren't wired up to the CLI, or even to the greenlock module.

I took a quick look around the code to consider making a quick fix, but the CLI seems to be using some older module versions, etc., so I wasn't sure of the best way to proceed.

Would you be able to help, either by wiring this up for me, or by giving me some pointers for how to put together some code changes for this?

Smiles,

Ben

Hi, AJ, Haven't been in touch for a while, but I'm still using the Greenlock CLI client, which has been serving me well. I've hit a bit of a snag with the pre-flight checks: they don't work in our setup, because we serve different DNS externally to internally and there is some port forwarding going on. I can see the ACME library has options to skip the checks (skipChallengeTests and skipDryRun) but as far as I can tell these aren't wired up to the CLI, or even to the greenlock module. I took a quick look around the code to consider making a quick fix, but the CLI seems to be using some older module versions, etc., so I wasn't sure of the best way to proceed. Would you be able to help, either by wiring this up for me, or by giving me some pointers for how to put together some code changes for this? Smiles, Ben
coolaj86 2020-07-28 05:27:37 +00:00 ha commentato
Proprietario
Copia link

Ah, yes, this old thing.

For the moment, I would say just hack your local version. Then ping me again in about 10 days.

I've just wrapped up two projects I was working on and I've got some Greenlock work on my docket for this week. I'll keep your request in mind and see if I can update the CLI.

What are the options you currently use?

Ah, yes, this old thing. For the moment, I would say just hack your local version. Then ping me again in about 10 days. I've just wrapped up two projects I was working on and I've got some Greenlock work on my docket for this week. I'll keep your request in mind and see if I can update the CLI. What are the options you currently use?
coolaj86 2020-07-28 05:27:53 +00:00 ha commentato
Proprietario
Copia link

P.S. Nice to see you again. :)

P.S. Nice to see you again. :)
Ghost 2020-08-08 13:05:59 +00:00 ha commentato
Autore
Copia link

Hi, AJ. Yeah, it's nice to be in touch again!

Current invocation for old protocol:

greenlock \
	--agree-tos \
	--email {{ admin_email }}
	--webroot --webroot-path /var/local/greenroot \
	--config-dir /var/local/greenlock \
	--domains "$1" \
	--renew-within 28 \
	--server https://acme-v01.api.letsencrypt.org/directory \
	> "$TMP" 2>&1

Desired invocation for new protocol:

node --harmony `which greenlock` certonly \
	--agree-tos \
	--email {{ admin_email }} \
	--webroot --root /var/local/greenroot \
	--config-dir /var/local/greenlock \
	--domains "$1" \
	--renew-within 28 \
	--acme-version draft-11 --acme-url https://acme-v02.api.letsencrypt.org/directory \
	> "$TMP" 2>&1
Hi, AJ. Yeah, it's nice to be in touch again! Current invocation for old protocol: ``` greenlock \ --agree-tos \ --email {{ admin_email }} --webroot --webroot-path /var/local/greenroot \ --config-dir /var/local/greenlock \ --domains "$1" \ --renew-within 28 \ --server https://acme-v01.api.letsencrypt.org/directory \ > "$TMP" 2>&1 ``` Desired invocation for new protocol: ``` node --harmony `which greenlock` certonly \ --agree-tos \ --email {{ admin_email }} \ --webroot --root /var/local/greenroot \ --config-dir /var/local/greenlock \ --domains "$1" \ --renew-within 28 \ --acme-version draft-11 --acme-url https://acme-v02.api.letsencrypt.org/directory \ > "$TMP" 2>&1 ```
Ghost 2020-08-08 13:09:16 +00:00 ha commentato
Autore
Copia link

BTW, we were using v2.2.10, upgrading to v2.3.3 (^v2.3).

BTW, we were using `v2.2.10`, upgrading to `v2.3.3` (`^v2.3`).
Ghost 2021-06-21 11:56:11 +00:00 ha commentato
Autore
Copia link

I avoided needing to skip this check with some reconfiguration on our server. The check doesn't have much value, but at least it doesn't prevent the renewal now. I guess this is still a nice-to-have, so it might be worth leaving open, but it's certainly not an issue for me now.

I avoided needing to skip this check with some reconfiguration on our server. The check doesn't have much value, but at least it doesn't prevent the renewal now. I guess this is still a nice-to-have, so it might be worth leaving open, but it's certainly not an issue for me now.
Effettua l'accesso per partecipare alla conversazione.
Nessun Branch/Tag specificato
Rami (Branch) Tag
master
v3
v2.3
greenlock
v1.x
pull/11/master
v2.3.3
v2.3.2
v2.3.1
v2.3.0
v2.2.13
v2.2.12
v2.2.11
v2.2.9
v2.2.8
v2.2.7
v2.2.6
v2.2.5
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.1.3
v2.1.2
v2.1.1
v2.1.0
v2.0.0
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Etichette
Pulisci le etichette
Nessun elemento
Nessuna etichetta
Traguardo
Milestone pulita
Nessun elemento
Nessuna milestone
Assegnatari
Cancella assegnatari
Nessuna assegnatario
2 Partecipanti
Notifiche
Data di scadenza
La data di scadenza non è valida o fuori intervallo. Si prega di utilizzare il formato 'aaaa-mm-dd'.

Nessuna data di scadenza impostata.

Dipendenze

Nessuna dipendenza impostata.

Riferimento: root/greenlock-cli.js#2
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?