root
/
greenlock-cli.js
spogulis no https://git.coolaj86.com/coolaj86/greenlock-cli.js
2
0
Atdalīts 0
Kods Problēmas 2 Laidieni Vikivietne Aktivitāte

Skipping verification #2

Jauna problēma
Atvērta
Ghost atvēra 2020-07-26 17:57:53 +00:00 · 5 komentāri
Ghost komentēja 2020-07-26 17:57:53 +00:00
Kopēt saiti

Hi, AJ,

Haven't been in touch for a while, but I'm still using the Greenlock CLI client, which has been serving me well.

I've hit a bit of a snag with the pre-flight checks: they don't work in our setup, because we serve different DNS externally to internally and there is some port forwarding going on.

I can see the ACME library has options to skip the checks (skipChallengeTests and skipDryRun) but as far as I can tell these aren't wired up to the CLI, or even to the greenlock module.

I took a quick look around the code to consider making a quick fix, but the CLI seems to be using some older module versions, etc., so I wasn't sure of the best way to proceed.

Would you be able to help, either by wiring this up for me, or by giving me some pointers for how to put together some code changes for this?

Smiles,

Ben

Hi, AJ, Haven't been in touch for a while, but I'm still using the Greenlock CLI client, which has been serving me well. I've hit a bit of a snag with the pre-flight checks: they don't work in our setup, because we serve different DNS externally to internally and there is some port forwarding going on. I can see the ACME library has options to skip the checks (skipChallengeTests and skipDryRun) but as far as I can tell these aren't wired up to the CLI, or even to the greenlock module. I took a quick look around the code to consider making a quick fix, but the CLI seems to be using some older module versions, etc., so I wasn't sure of the best way to proceed. Would you be able to help, either by wiring this up for me, or by giving me some pointers for how to put together some code changes for this? Smiles, Ben
coolaj86 komentēja 2020-07-28 05:27:37 +00:00
Īpašnieks
Kopēt saiti

Ah, yes, this old thing.

For the moment, I would say just hack your local version. Then ping me again in about 10 days.

I've just wrapped up two projects I was working on and I've got some Greenlock work on my docket for this week. I'll keep your request in mind and see if I can update the CLI.

What are the options you currently use?

Ah, yes, this old thing. For the moment, I would say just hack your local version. Then ping me again in about 10 days. I've just wrapped up two projects I was working on and I've got some Greenlock work on my docket for this week. I'll keep your request in mind and see if I can update the CLI. What are the options you currently use?
coolaj86 komentēja 2020-07-28 05:27:53 +00:00
Īpašnieks
Kopēt saiti

P.S. Nice to see you again. :)

P.S. Nice to see you again. :)
Ghost komentēja 2020-08-08 13:05:59 +00:00
Autors
Kopēt saiti

Hi, AJ. Yeah, it's nice to be in touch again!

Current invocation for old protocol:

greenlock \
	--agree-tos \
	--email {{ admin_email }}
	--webroot --webroot-path /var/local/greenroot \
	--config-dir /var/local/greenlock \
	--domains "$1" \
	--renew-within 28 \
	--server https://acme-v01.api.letsencrypt.org/directory \
	> "$TMP" 2>&1

Desired invocation for new protocol:

node --harmony `which greenlock` certonly \
	--agree-tos \
	--email {{ admin_email }} \
	--webroot --root /var/local/greenroot \
	--config-dir /var/local/greenlock \
	--domains "$1" \
	--renew-within 28 \
	--acme-version draft-11 --acme-url https://acme-v02.api.letsencrypt.org/directory \
	> "$TMP" 2>&1
Hi, AJ. Yeah, it's nice to be in touch again! Current invocation for old protocol: ``` greenlock \ --agree-tos \ --email {{ admin_email }} --webroot --webroot-path /var/local/greenroot \ --config-dir /var/local/greenlock \ --domains "$1" \ --renew-within 28 \ --server https://acme-v01.api.letsencrypt.org/directory \ > "$TMP" 2>&1 ``` Desired invocation for new protocol: ``` node --harmony `which greenlock` certonly \ --agree-tos \ --email {{ admin_email }} \ --webroot --root /var/local/greenroot \ --config-dir /var/local/greenlock \ --domains "$1" \ --renew-within 28 \ --acme-version draft-11 --acme-url https://acme-v02.api.letsencrypt.org/directory \ > "$TMP" 2>&1 ```
Ghost komentēja 2020-08-08 13:09:16 +00:00
Autors
Kopēt saiti

BTW, we were using v2.2.10, upgrading to v2.3.3 (^v2.3).

BTW, we were using `v2.2.10`, upgrading to `v2.3.3` (`^v2.3`).
Ghost komentēja 2021-06-21 11:56:11 +00:00
Autors
Kopēt saiti

I avoided needing to skip this check with some reconfiguration on our server. The check doesn't have much value, but at least it doesn't prevent the renewal now. I guess this is still a nice-to-have, so it might be worth leaving open, but it's certainly not an issue for me now.

I avoided needing to skip this check with some reconfiguration on our server. The check doesn't have much value, but at least it doesn't prevent the renewal now. I guess this is still a nice-to-have, so it might be worth leaving open, but it's certainly not an issue for me now.
Pierakstieties, lai pievienotos šai sarunai.
Nav norādīts atzars/tags
Atzari Tagi
master
v3
v2.3
greenlock
v1.x
pull/11/master
v2.3.3
v2.3.2
v2.3.1
v2.3.0
v2.2.13
v2.2.12
v2.2.11
v2.2.9
v2.2.8
v2.2.7
v2.2.6
v2.2.5
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.1.3
v2.1.2
v2.1.1
v2.1.0
v2.0.0
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Etiķetes
Noņemt etiķetes
Nav neviena ieraksta
Nav etiķešu
Atskaites punkts
Notīrīt atskaites punktus
Nav neviena ieraksta
Nav atskaites punktu
Atbildīgie
Noņemt atbildīgo
Nav atbildīgo
2 dalībnieki
Paziņojumi
Izpildes termiņš
Datums līdz nav korekts. Izmantojiet formātu 'gggg-mm-dd'.

Izpildes termiņš nav uzstādīts.

Atkarības

Nav atkarību.

Atsaucas uz: root/greenlock-cli.js#2
No description provided.
Dzēst atzaru "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?