-
-
Notifications
You must be signed in to change notification settings - Fork 992
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Initial ACME Renewal Info (ARI) Implementation #1912
Conversation
Hello, can you fix the linting? |
I cannot replicate this failure locally on Go 1.19.9:
I'm perfectly happy to remove this test as it's only testing one of the possible exit (in error) conditions. Please let me know what you'd like. |
Would you be okay with adding an
or do you have a way that you would otherwise like this to be refactored? |
I will take a decision on the complexity when I will review the PR, for now, you can keep the code like that. |
981d7eb
to
14f15a7
Compare
Co-authored-by: Phil Porada <pgporada@users.noreply.github.com>
Co-authored-by: Phil Porada <pgporada@users.noreply.github.com>
Co-authored-by: Phil Porada <pgporada@users.noreply.github.com>
- rename tests to follow Go conventions - use certcrypto.ParsePEMCertificate
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Your contribution to our project is much appreciated.
Thank you for taking the initiative to make things better!
What I have changed in your PR:
- comment format
- move code to dedicated files
- use sub-tests
- increase HTTP client timeout because Windows CI is very slow
@beautifulentropy I detected a variation from the RFC: the RFC says
https://www.ietf.org/archive/id/draft-ietf-acme-ari-01.html#section-4.1 I will open a PR to fix that but I wanted to inform you about that variation from the RFC. |
Additions to cmd/cmd_renew.go:
--ari-enable
to check the renewalInfo endpoint when evaluating whether a renewal is necessary and--ari-hash-name
to indicate the name of the hash expected by the renewalInfo endpoint (e.g. "SHA-256").--ari-wait-to-renew-duration
to indicate the duration you're willing to sleep for the renewal window suggested by the renewalInfo endpoint.Additions to acme/api/certificate.go
CertificateService.GetRenewalInfo()
to support 4.1. Getting Renewal Information of draft-ietf-acme-ari-01CertificateService.UpdateRenewalInfo()
to support 4.2. Updating Renewal Information of draft-ietf-acme-ari-01Additions to acme/commons.go
Additions to certificate/certificates.go
cmd/cmd_renew.go
Fixes #1878