search

markt-de / puppet-acme

Centralized SSL certificate management using acme.sh and the ACME protocol
https://forge.puppet.com/markt/acme
Apache License 2.0
9 stars 17 forks source link

[ Feature Request ] HTTP-01 challenge support #35

Closed mgoljak closed 2 years ago

mgoljak commented 2 years ago

Hi, you've said that HTTP-01 challenge is untested, but I'd like to use it anyway.

Following hiera config warns me that my profile is incomplete and that is missing either "challengetype" or "hook":

acme::acme_revision: 'master'
acme::acme_host: 'server.domain.com'
acme::accounts: [ 'mail@domain.com' ]

acme::default_ca: 'letsencrypt_test'
acme::ca_whitelist:
  - 'letsencrypt_test'

acme::profiles:
  'http_config':
    challengetype: 'http-01'

acme::certificates:
  'sub.domain.com':
      use_profile: 'http_config'
      use_account: 'mail@domain.com'
      ca: 'letsencrypt_test'

Will it be enough to adjust basic profiles validation section in handler.pp manifest?

Regards, Mario

fraenki commented 2 years ago

Will it be enough to adjust basic profiles validation section in handler.pp manifest?

I don't know, it really is completely untested. :) So just give it a try and report back.