1.1. Manager¶
-
class
acmems.manager.
ACMEManager
(config, connect=True)¶ Bases:
object
- ACME manager - high level ACME client; process authorizations via
- http01 automatically.
Variables: - responses (dict) – Responses to deliver; designed as answers for authorization challenges. dict[host][path] = value
- authzrs (dict) – List of current active
acme.messages.AuthorizationResource
- config (acmems.config.Configuration) – Active configuration
-
log
(*args)¶ log something
-
connect
()¶ initialize/setup ourself; load private key, create ACME client and refresh our registration
Raises: - acmems.exceptions.AccountError – could not load account
- acmems.exceptions.NeedToAgreeToTOS – terms of service are not accepted - cannot operate
-
load_private_key
()¶ load our private key / the key to identify ourself against the ACME server. This key MUST NOT be used for certificates.
Raises: acmems.exceptions.AccountError – something is broken with our account (mustly key not found)
-
create_private_key
(force=False, key_size=4096)¶ create new private key to be used for identify ourself against the ACME server
Key is afterwards read via
load_private_key
!Parameters: Raises: acmems.exceptions.AccountError – account dir not found or private key will not be overriden (force is
False
).
-
init_client
()¶ create ACME client
-
acquire_domain_validations
(validator, domains)¶ requests for all given domains domain validations If we have cached a valid challenge return this. Expired challenges will clear automatically; invalided challenges will not.
Parameters: domains (list of str
) – List of domains to validateReturns: Challenges for the requested domains Return type: acme.messages.ChallengeBody
Processes a given AuthorizationResource that was fetch from the authzrs cache or updated by
refresh_domain_authorization
/acme.client.Client.poll
.Renew revoked or expired ones. Refresh pending/processing authorizations
Parameters: authzr (acme.messages.AuthorizationResource) – the authzr in question
Returns: a valid authzr
Return type: Raises: - acmems.exceptions.AuthorizationNotYetProcessed – We have to wait while the ACME server processes the autzr
- acmems.exceptions.AuthorizationNotYetRequested – new authzr created; have to wait until someone requests it
- acmems.exceptions.ChallengesUnknownStatus – unknown status
- acmems.exceptions.NoChallengeMethodsSupported – HTTP01 is not supported
- acmems.exceptions.ChallengeFailed – challenge failed
Refreshes a authorization for status changes
Parameters: domain (str) – domain name for the authorization
Returns: a valid authzr
Return type: Raises: - acmems.exceptions.AuthorizationNotYetProcessed – We have to wait while the ACME server processes the autzr
- acmems.exceptions.AuthorizationNotYetRequested – new authzr created; have to wait until someone requests it
- acmems.exceptions.ChallengesUnknownStatus – unknown status
- acmems.exceptions.NoChallengeMethodsSupported – HTTP01 is not supported
Requests a complete new authorization for the given domain
Parameters: domain (str) – domain name for the authorization
Returns: a valid authzr
Return type: Raises: - acmems.exceptions.AuthorizationNotYetProcessed – We have to wait while the ACME server processes the autzr
- acmems.exceptions.AuthorizationNotYetRequested – new authzr created; have to wait until someone requests it
- acmems.exceptions.ChallengesUnknownStatus – unknown status
- acmems.exceptions.NoChallengeMethodsSupported – HTTP01 is not supported