-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1 from paulgb/paulgb/reformat
Reformat
- Loading branch information
Showing
15 changed files
with
1,711 additions
and
1,758 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -13,76 +13,76 @@ const LETS_ENCRYPT_URL: &str = "https://acme-v02.api.letsencrypt.org/directory"; | |
|
|
||
| #[tokio::main] | ||
| async fn main() -> Result<(), Error> { | ||
| // Create a new ACMEv2 directory for Let's Encrypt. | ||
| let dir = DirectoryBuilder::new(LETS_ENCRYPT_URL.to_string()) | ||
| .build() | ||
| .await?; | ||
|
|
||
| // Create an ACME account to use for the order. For production | ||
| // purposes, you should keep the account (and private key), so | ||
| // you can renew your certificate easily. | ||
| let mut builder = AccountBuilder::new(dir.clone()); | ||
| builder.contact(vec!["mailto:[email protected]".to_string()]); | ||
| builder.terms_of_service_agreed(true); | ||
| let account = builder.build().await?; | ||
|
|
||
| // Create a new order for a specific domain name. | ||
| let mut builder = OrderBuilder::new(account); | ||
| builder.add_dns_identifier("example.com".to_string()); | ||
| let order = builder.build().await?; | ||
|
|
||
| // Get the list of needed authorizations for this order. | ||
| let authorizations = order.authorizations().await?; | ||
| for auth in authorizations { | ||
| // Get an http-01 challenge for this authorization (or panic | ||
| // if it doesn't exist). | ||
| let challenge = auth.get_challenge("http-01").unwrap(); | ||
|
|
||
| // At this point in time, you must configure your webserver to serve | ||
| // a file at `https://example.com/.well-known/${challenge.token}` | ||
| // with the content of `challenge.key_authorization()??`. | ||
|
|
||
| // Start the validation of the challenge. | ||
| let challenge = challenge.validate().await?; | ||
|
|
||
| // Poll the challenge every 5 seconds until it is in either the | ||
| // `valid` or `invalid` state. | ||
| let challenge = challenge.wait_done(Duration::from_secs(5), 3).await?; | ||
|
|
||
| assert_eq!(challenge.status, ChallengeStatus::Valid); | ||
|
|
||
| // You can now remove the challenge file hosted on your webserver. | ||
|
|
||
| // Poll the authorization every 5 seconds until it is in either the | ||
| // `valid` or `invalid` state. | ||
| let authorization = auth.wait_done(Duration::from_secs(5), 3).await?; | ||
| assert_eq!(authorization.status, AuthorizationStatus::Valid) | ||
| } | ||
|
|
||
| // Poll the order every 5 seconds until it is in either the | ||
| // `ready` or `invalid` state. Ready means that it is now ready | ||
| // for finalization (certificate creation). | ||
| let order = order.wait_ready(Duration::from_secs(5), 3).await?; | ||
|
|
||
| assert_eq!(order.status, OrderStatus::Ready); | ||
|
|
||
| // Generate an RSA private key for the certificate. | ||
| let pkey = gen_rsa_private_key(4096)?; | ||
|
|
||
| // Create a certificate signing request for the order, and request | ||
| // the certificate. | ||
| let order = order.finalize(Csr::Automatic(pkey)).await?; | ||
|
|
||
| // Poll the order every 5 seconds until it is in either the | ||
| // `valid` or `invalid` state. Valid means that the certificate | ||
| // has been provisioned, and is now ready for download. | ||
| let order = order.wait_done(Duration::from_secs(5), 3).await?; | ||
|
|
||
| assert_eq!(order.status, OrderStatus::Valid); | ||
|
|
||
| // Download the certificate, and panic if it doesn't exist. | ||
| let cert = order.certificate().await?.unwrap(); | ||
| assert!(cert.len() > 1); | ||
|
|
||
| Ok(()) | ||
| // Create a new ACMEv2 directory for Let's Encrypt. | ||
| let dir = DirectoryBuilder::new(LETS_ENCRYPT_URL.to_string()) | ||
| .build() | ||
| .await?; | ||
|
|
||
| // Create an ACME account to use for the order. For production | ||
| // purposes, you should keep the account (and private key), so | ||
| // you can renew your certificate easily. | ||
| let mut builder = AccountBuilder::new(dir.clone()); | ||
| builder.contact(vec!["mailto:[email protected]".to_string()]); | ||
| builder.terms_of_service_agreed(true); | ||
| let account = builder.build().await?; | ||
|
|
||
| // Create a new order for a specific domain name. | ||
| let mut builder = OrderBuilder::new(account); | ||
| builder.add_dns_identifier("example.com".to_string()); | ||
| let order = builder.build().await?; | ||
|
|
||
| // Get the list of needed authorizations for this order. | ||
| let authorizations = order.authorizations().await?; | ||
| for auth in authorizations { | ||
| // Get an http-01 challenge for this authorization (or panic | ||
| // if it doesn't exist). | ||
| let challenge = auth.get_challenge("http-01").unwrap(); | ||
|
|
||
| // At this point in time, you must configure your webserver to serve | ||
| // a file at `https://example.com/.well-known/${challenge.token}` | ||
| // with the content of `challenge.key_authorization()??`. | ||
|
|
||
| // Start the validation of the challenge. | ||
| let challenge = challenge.validate().await?; | ||
|
|
||
| // Poll the challenge every 5 seconds until it is in either the | ||
| // `valid` or `invalid` state. | ||
| let challenge = challenge.wait_done(Duration::from_secs(5), 3).await?; | ||
|
|
||
| assert_eq!(challenge.status, ChallengeStatus::Valid); | ||
|
|
||
| // You can now remove the challenge file hosted on your webserver. | ||
|
|
||
| // Poll the authorization every 5 seconds until it is in either the | ||
| // `valid` or `invalid` state. | ||
| let authorization = auth.wait_done(Duration::from_secs(5), 3).await?; | ||
| assert_eq!(authorization.status, AuthorizationStatus::Valid) | ||
| } | ||
|
|
||
| // Poll the order every 5 seconds until it is in either the | ||
| // `ready` or `invalid` state. Ready means that it is now ready | ||
| // for finalization (certificate creation). | ||
| let order = order.wait_ready(Duration::from_secs(5), 3).await?; | ||
|
|
||
| assert_eq!(order.status, OrderStatus::Ready); | ||
|
|
||
| // Generate an RSA private key for the certificate. | ||
| let pkey = gen_rsa_private_key(4096)?; | ||
|
|
||
| // Create a certificate signing request for the order, and request | ||
| // the certificate. | ||
| let order = order.finalize(Csr::Automatic(pkey)).await?; | ||
|
|
||
| // Poll the order every 5 seconds until it is in either the | ||
| // `valid` or `invalid` state. Valid means that the certificate | ||
| // has been provisioned, and is now ready for download. | ||
| let order = order.wait_done(Duration::from_secs(5), 3).await?; | ||
|
|
||
| assert_eq!(order.status, OrderStatus::Valid); | ||
|
|
||
| // Download the certificate, and panic if it doesn't exist. | ||
| let cert = order.certificate().await?.unwrap(); | ||
| assert!(cert.len() > 1); | ||
|
|
||
| Ok(()) | ||
| } | ||
Oops, something went wrong.