mirror of
https://github.com/warmcat/libwebsockets.git
synced 2025-03-09 00:00:04 +01:00
ACME: fixes
Increase polling time and poll the "order" endpoint instead of the "finalize" endpoint. These changes are required for ACME to work with Let's Encrypt as of 2024.
parent
fdde9119f7
commit
8674bf1585
1 changed files with 8 additions and 6 deletions
|
@ -1125,8 +1125,10 @@ pkt_add_hdrs:
|
|||
goto pkt_add_hdrs;
|
||||
|
||||
case ACME_STATE_POLLING_CSR:
|
||||
if (ac->goes_around)
|
||||
break;
|
||||
if (ac->goes_around) {
|
||||
strcpy(ac->active_url, ac->order_url);
|
||||
goto pkt_add_hdrs;
|
||||
}
|
||||
lwsl_vhost_notice(vhd->vhost, "Generating ACME CSR... may take a little while");
|
||||
p += lws_snprintf(p, lws_ptr_diff_size_t(end, p), "{\"csr\":\"");
|
||||
n = lws_tls_acme_sni_csr_create(vhd->context,
|
||||
|
@ -1396,7 +1398,7 @@ poll_again:
|
|||
lws_acme_report_status(vhd->vhost, LWS_CUS_CHALLENGE,
|
||||
NULL);
|
||||
|
||||
if (ac->goes_around++ == 20) {
|
||||
if (ac->goes_around++ == 200) {
|
||||
lwsl_notice("%s: too many chall retries\n",
|
||||
__func__);
|
||||
|
||||
|
@ -1470,13 +1472,13 @@ poll_again:
|
|||
goto failed;
|
||||
}
|
||||
|
||||
if (ac->resp != 200) {
|
||||
if (ac->goes_around++ == 30) {
|
||||
if (ac->resp != 200 || ac->cert_url[0] == '\0') {
|
||||
if (ac->goes_around++ == 200) {
|
||||
lwsl_vhost_warn(vhd->vhost, "Too many retries");
|
||||
|
||||
goto failed;
|
||||
}
|
||||
strcpy(buf, ac->finalize_url);
|
||||
strcpy(buf, ac->order_url);
|
||||
cwsi = lws_acme_client_connect(vhd->context,
|
||||
vhd->vhost,
|
||||
&ac->cwsi, &ac->i, buf,
|
||||
|
|
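Review bot: The two new copies of `ac->order_url` are unbounded: `strcpy(ac->active_url, ac->order_url)` in the `ACME_STATE_POLLING_CSR` case, and `strcpy(buf, ac->order_url)` on the retry path under `poll_again`. The order URL presumably comes from the ACME server's response rather than local configuration, and the destination sizes are not visible in these hunks. Unless both destinations are guaranteed to be at least as large as `order_url`, a bounded copy is safer, e.g. `lws_strncpy(ac->active_url, ac->order_url, sizeof(ac->active_url));` if `active_url` is an array, and likewise for `buf`. Separately, both retry caps test `ac->goes_around++ == 200`, and the counter now also serves as a flag in the CSR polling state; `>= 200` would still stop the loop if the counter ever started above the limit. The enclosing functions begin and end outside the visible hunks, so where `goes_around` is reset between states should be confirmed there.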