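// runUpdate updates the stored ACME account registration with the CA.
//
// It loads the local config and requires an account key. When updateAccept
// is set, the current registration is fetched first and its CurrentTerms are
// recorded as the agreed terms. A non-empty args replaces the contact list.
// The account returned by UpdateReg is written back to the config and then
// printed to stdout.
func runUpdate(args []string) {
	uc, err := readConfig()
	if err != nil {
		fatalf("read config: %v", err)
	}
	if uc.key == nil {
		fatalf("no key found for %s", uc.URI)
	}

	client := acme.Client{Key: uc.key}
	// One deadline covers every CA round trip made below.
	ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
	defer cancel()

	if updateAccept {
		reg, err := client.GetReg(ctx, uc.URI)
		if err != nil {
			// The error text can include whatever the remote CA sent back, so
			// it is passed as an argument and never used as the format string:
			// a stray '%' would otherwise be parsed as a verb and garble the
			// message.
			fatalf("%v", err)
		}
		uc.Account = *reg
		uc.AgreedTerms = reg.CurrentTerms
	}
	if len(args) != 0 {
		uc.Contact = args
	}

	updated, err := client.UpdateReg(ctx, &uc.Account)
	if err != nil {
		// Same reasoning as above: remote-influenced text is data, not format.
		fatalf("%v", err)
	}
	uc.Account = *updated
	if err := writeConfig(uc); err != nil {
		fatalf("write config: %v", err)
	}
	printAccount(os.Stdout, &uc.Account, filepath.Join(configDir, accountKey))
}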
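// runWhoami fetches the account registration for the configured URI from the
// CA and prints it to stdout. Command-line arguments are ignored.
//
// It requires an account key in the local config; the CA request is bounded
// by a 30-second timeout.
func runWhoami([]string) {
	uc, err := readConfig()
	if err != nil {
		fatalf("read config: %v", err)
	}
	if uc.key == nil {
		fatalf("no key found for %s", uc.URI)
	}

	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
	defer cancel()

	client := acme.Client{Key: uc.key}
	reg, err := client.GetReg(ctx, uc.URI)
	if err != nil {
		// The error may embed text returned by the remote CA. Pass it as an
		// argument so a '%' in it is printed literally and not interpreted
		// as a format verb.
		fatalf("%v", err)
	}
	printAccount(os.Stdout, reg, filepath.Join(configDir, accountKey))
}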
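// authz obtains a valid authorization for domain from the CA.
//
// It requests an authorization and returns nil immediately if the CA already
// reports it as valid. Otherwise it picks the first offered challenge that
// matches the selected mode (dns-01 when certDNS is set, http-01 otherwise),
// fulfils it in one of three ways, asks the CA to validate it and waits for
// the authorization to settle:
//
//   - certDNS: print the TXT record value and wait for the operator.
//   - certManual: write the http-01 response to a file and wait for the
//     operator to publish it.
//   - default: serve the http-01 response from a local listener on certAddr.
//
// It returns an error if no matching challenge is offered or if any step
// fails.
func authz(ctx context.Context, client *acme.Client, domain string) error {
	z, err := client.Authorize(ctx, domain)
	if err != nil {
		return err
	}
	if z.Status == acme.StatusValid {
		return nil
	}

	wantType := "http-01"
	if certDNS {
		wantType = "dns-01"
	}
	var chal *acme.Challenge
	for _, c := range z.Challenges {
		if c.Type == wantType {
			chal = c
			break
		}
	}
	if chal == nil {
		return errors.New("no supported challenge found")
	}

	switch {
	case certDNS:
		// Checked before certManual: with certDNS set, the challenge selected
		// above is always dns-01, so an http-01 response must never be
		// generated for its token, even if certManual is also set.
		val, err := client.DNS01ChallengeRecord(chal.Token)
		if err != nil {
			return err
		}
		fmt.Printf("Add a TXT record for _acme-challenge.%s with the value %q and press enter after it has propagated.\n", domain, val)
		// Only used to block until the operator presses enter; the scanned
		// value and any error (e.g. on an empty line) are irrelevant.
		var x string
		fmt.Scanln(&x)
	case certManual:
		// manual challenge response
		tok, err := client.HTTP01ChallengeResponse(chal.Token)
		if err != nil {
			return err
		}
		file, err := challengeFile(domain, tok)
		if err != nil {
			return err
		}
		fmt.Printf("Copy %s to http://%s%s and press enter.\n", file, domain, client.HTTP01ChallengePath(chal.Token))
		// Blocks until the operator presses enter; result intentionally unused.
		var x string
		fmt.Scanln(&x)
	default:
		// auto, via local server
		val, err := client.HTTP01ChallengeResponse(chal.Token)
		if err != nil {
			return err
		}
		// Bind only in this mode. The manual and DNS modes never serve
		// anything, so opening certAddr there exposed a port for no reason
		// and failed outright when the operator's own web server already
		// held that address.
		ln, err := net.Listen("tcp", certAddr)
		if err != nil {
			return fmt.Errorf("listen %s: %v", certAddr, err)
		}
		// Closing the listener on return also ends the Serve goroutine.
		defer ln.Close()
		path := client.HTTP01ChallengePath(chal.Token)
		go http.Serve(ln, http01Handler(path, val))
	}

	if _, err := client.Accept(ctx, chal); err != nil {
		return fmt.Errorf("accept challenge: %v", err)
	}
	_, err = client.WaitAuthorization(ctx, z.URI)
	return err
}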