On January 15, 2018 7:46:16 PM GMT+01:00, Stuart Henderson <s...@spacehopper.org> wrote: >On 2018/01/15 19:34, Alexander Hall wrote: >> >> >> On January 15, 2018 6:11:24 PM GMT+01:00, Stuart Henderson ><s...@spacehopper.org> wrote: >> >On 2018/01/15 12:16, Stuart Henderson wrote: >> >> I generally prefer to use acme-client than the python or >> >bash+openssl(1) >> >> monstrosities to fetch SSL certificates, but I have some systems >> >where >> >> I need to use the DNS-01 challenge type which was removed from the >> >> version in base. >> >> >> >> Any objections or OKs to adding a port for Kristaps' original >version >> >> (attached)? >> >> >> > >> > >> > >> >Hrrmmmm. Now I've tried to actually run dns-01 from a shell script >> >rather >> >than faking it with copy-and-paste, I'm not sure if it's actually >going >> >to >> >be all that useful... >> > >> >The mechanism requires >> > >> >1. read from acme-client's stdout. >> >2. run a command based on that output. >> >3. when the command has run, echo the line back to acme-client's >stdin. >> > >> >(repeat until EOF from acme-client.) >> > >> >I've tried with "eacme-client | (while read... )", various ways with >> >fifos, and coroutines, but it all blocks somewhere. Now I started >> >reading the expect(1) manual to try and do it that way which is >never >> >a good sign... >> >> A good recipe for lockups, but did you try sth like >> >> $ dns-01 |& acme-client <&p >&p >> >> ? > >Awesome! That works well enough, thank you very much.
Heh, you're welcome. I really wasn't sure it would. :-)
