It seems the acme_challenge_dir is hard coded. The /usr/local/lib/pki/pki-realm script allows for overwriting args["acme_challenge_dir"], but that's not done when the "run" sub command is called:
And "run" is the only place where "request_acme_tiny_certificate" is called.
It would also be nice to have some logging output of the pki-realm script to determine why it does not create ACME certificates. It tests for, amongst other things, [ "${config['pki_acme']}" = "true" ] && [ -x "${config['acme_client_script']}" ] && [ -d "${config['acme_challenge_dir']}" ] and it would be helpful to see why it skipped creation of a certificate. If only with --verbose flag or so.
It seems the acme_challenge_dir is hard coded. The /usr/local/lib/pki/pki-realm script allows for overwriting args["acme_challenge_dir"], but that's not done when the "run" sub command is called:
And "run" is the only place where "request_acme_tiny_certificate" is called.
It would also be nice to have some logging output of the pki-realm script to determine why it does not create ACME certificates. It tests for, amongst other things,
[ "${config['pki_acme']}" = "true" ] && [ -x "${config['acme_client_script']}" ] && [ -d "${config['acme_challenge_dir']}" ]
and it would be helpful to see why it skipped creation of a certificate. If only with--verbose
flag or so.