ebekker / ACMESharp

An ACME client library and PowerShell client for the .NET platform (Let's Encrypt)
https://pkisharp.github.io/ACMESharp-docs/

Complete-ACMEChallenge -Handler manual no longer returns manual details #335

Open b9chris opened 6 years ago

b9chris commented 6 years ago

I can't find any docs on this change. A prior version of ACMESharp had a manual mode that would provide output like:

== Manual Challenge Handler - HTTP ==

However, none of these critical details appear anymore. Instead, I get:

PS D:\cert> complete-acmechallenge dns104 -ChallengeType http-01 -handler manual -handlerparameters @{ WebSiteRef = 'brass9.com' }

IdentifierPart : ACMESharp.Messages.IdentifierPart
IdentifierType : dns
Identifier     : brass9.com
Uri            : https://acme-v01.api.letsencrypt.org/acme/authz/U34Rl8g1cox5PMecB6XyhqafIMC2gDTZC5ShP-vq2MQ
Status         : pending
Expires        : 2/28/2018 12:14:11 PM
Challenges     : {, manual}
Combinations   : {0, 1}

And that's it - none of what I need to actually perform the manual submit!

What am I doing wrong? Or is the library's manual feature not working properly?

WallyRanson commented 6 years ago

Your complete-acmechallenge actually returns an object, but you are just not catching it. Try adding $someobjectname = complete-acmechallenge....... Then, after calling the command, enter a line with just $someobjectname and press Enter; you will then see what information the object actually holds.

KuestenKeks commented 6 years ago

I believe that's the result of the following changes in v0.9.1

Changing default "output behavior" of Manual Challenge Handler:

  • By default, won't write output to STDOUT, but output will be captured as message attached to Authorization State
  • You can override this behavior and specify STDOUT to mimic the old behavior. All other settings are preserved by the Manual Challenge Handler.
  • When an output is specified, the message will be written to both the output target, and captured by the authorization state.
  • This applies to both handling the Challenge and also cleaning up after handling the Challenge.

See https://github.com/ebekker/ACMESharp/releases/tag/v0.9.1

I think you should be able to write the required output, formatted as JSON, to a text file like this (note the semicolon separating the hashtable entries):

Complete-ACMEChallenge dns104 -ChallengeType http-01 -Handler manual -HandlerParameters @{ WebSiteRef = 'brass9.com'; WriteOutPath = "C:\ACMEChallenge.txt"; OutputJson = $true }
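The two ways of recovering the manual handler's instructions after v0.9.1 (reading the file named in WriteOutPath, and reading the message the handler attaches to the authorization state) are shown together below. This is an added example, not code from the ACMESharp project or from anyone in this thread. It assumes ACMESharp 0.9.x is installed, a vault, registration and the identifier alias 'dns104' for brass9.com already exist (the names used above), and that the output file path is free to choose; the WriteOutPath and OutputJson handler parameters and the HandlerHandleMessage field are the ones named in this thread.

```powershell
# Added example (not from the ACMESharp project or this thread).
# Assumes: ACMESharp 0.9.x, an initialized vault and registration, and an identifier
# alias 'dns104' for brass9.com created earlier with New-ACMEIdentifier.
$alias   = 'dns104'
$outPath = Join-Path $env:TEMP 'acme-http01-manual.json'   # assumed output location

# Run the manual handler. Since v0.9.1 it writes nothing to STDOUT by default;
# WriteOutPath/OutputJson send the instructions to a JSON file instead.
$null = Complete-ACMEChallenge $alias -ChallengeType http-01 -Handler manual `
    -HandlerParameters @{ WebSiteRef = 'brass9.com'; WriteOutPath = $outPath; OutputJson = $true }

# Option 1: read the file the handler wrote and show every field it contains.
if (Test-Path $outPath) {
    Write-Host "== Manual handler output from $outPath =="
    Get-Content -Raw $outPath | ConvertFrom-Json | Format-List *
} else {
    Write-Warning "Handler did not write $outPath"
}

# Option 2: the same message is captured on the authorization state.
# Refresh the identifier with the challenge type filter, pick the http-01 entry,
# and read its HandlerHandleMessage.
$authz = Update-ACMEIdentifier $alias -ChallengeType http-01
$chal  = $authz.Challenges | Where-Object { $_.Type -eq 'http-01' }
if ($chal -and -not [string]::IsNullOrEmpty($chal.HandlerHandleMessage)) {
    Write-Host '== Manual handler message captured on the authorization state =='
    $chal.HandlerHandleMessage
} else {
    Write-Warning "No handler message recorded for $alias; run Complete-ACMEChallenge first."
}
```

Capturing the message from the authorization state is the more robust choice for scripts, because it survives a closed console and does not depend on a file path; the file is handy when a human needs to hand the token to whoever administers the web server.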

b9chris commented 6 years ago

That workaround does work, but it's a major breaking change that disagrees with the docs and breaks the scripts that I (and I'm sure others) have written.

I think if the docs are just updated in a way that shows as simply as possible how to dump to the console in the example then we'll be in a good place here. There are many automated ways to do LetsEncrypt, so I think this library, to me, is about breaking down the process for people who are new to it into simple steps where you can easily observe its work.

MylesPenlington commented 6 years ago

I found that this sequence of script throws an error (it complains about ConvertFrom-JSON), but it also causes the previous output to be dumped to the console.

Install-Module ACMESharp -Scope CurrentUser
Get-ACMEVaultProfile
Initialize-ACMEVault -Force
New-ACMERegistration -Contacts <your email address> -AcceptTos
New-ACMEIdentifier -Dns <website url> -Alias dnsT
Set-ACMEChallengeHandlerProfile -ProfileName manual-dns-json -ChallengeType http-01 -Handler manual -HandlerParameters @{ OutputJson = $true } -Force
Complete-ACMEChallenge -IdentifierRef dnsT -HandlerProfileRef manual-dns-json | ConvertFrom-JSON | select -Expand DnsDetails | select RRValue

ACMEChallengeBroken commented 6 years ago

Can someone please provide the full command I need to run in order to view the Complete-ACMEChallenge to show the DNS record information I need to actually complete the challenge?

Since ACMEChallenge was updated to the current broken version 0.9.1, the devs decided not to include the output in the command where you can read it and actually complete the challenge.

In the release notes they state that you simply use the STDOUT but I can't find any documentation on how to do that.

HiroyukiSakoh commented 6 years ago

@ACMEChallengeBroken I do not understand well, but it works well for me on version 0.9.1.

# Assumes $CertificateDomainName, $alias and $AzureDnsZoneName were set earlier in the script.
New-ACMEIdentifier -Dns $CertificateDomainName -Alias $alias
Complete-ACMEChallenge $alias -ChallengeType dns-01 -Handler manual
$Challenge = $null
# Poll until the dns-01 challenge details have been populated on the authorization state.
do {
    Write-Host "Wait until Challenge comes"
    Start-Sleep -Seconds 5
    $Challenge = ((Update-ACMEIdentifier $alias -ChallengeType dns-01).Challenges | Where-Object { $_.Type -eq "dns-01" }).Challenge
}
while ($null -eq $Challenge)

# Strip the zone suffix so the name can be used as a relative record in the DNS zone.
$RecordName = $Challenge.RecordName -replace ("\." + $AzureDnsZoneName), ""
$RecordValue = $Challenge.RecordValue

Please check my blog post (Japanese): https://qiita.com/HiroyukiSakoh/items/144cc1bc955ac3697b84

ACMEChallengeBroken commented 6 years ago

@HiroyukiSakoh Thank you for the reply, however the script you provided does nothing more than continuously write "Wait until Challenge comes" back to the console, probably because ACMEChallenge does not provide the RR values (which is why I stand by my username "ACMEChallengeBroken").

If I run Update-ACMEIdentifier by itself, you can see there is nothing there... thus when I try running your script the $Challenge variable never leaves the $null state.

Status                 : pending
OldChallengeAnswer     : [, ]
ChallengeAnswerMessage :
HandlerName            :
HandlerHandleDate      :
HandlerHandleMessage   :
HandlerCleanUpDate     :
HandlerCleanUpMessage  :
SubmitDate             :
SubmitResponse         :

HiroyukiSakoh commented 6 years ago

@ACMEChallengeBroken When I was writing the script I encountered that behavior.

A. Update-ACMEIdentifier $alias
B. Update-ACMEIdentifier $alias -ChallengeType dns-01

Using A will always return $null, while using B will move forward. I would like you to try B once.

I suspect that it is related to #72 or #90, but I have not investigated in detail as I do not have the time.

Probably executing A before executing B breaks that ACMEIdentifier. Try again from New-ACMEIdentifier.