Fix #493: Expose ACME structures for user-managed certificate renewal #494
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Sorry for plowing ahead with this, but I was blocked on it in another project and wanted to make some progress.
Basically this exposes
issue_cert
along with the surrounding necessary structures, methods, etc. I made the following big changes:issue_cert
was made public and its responsibilities were restricted to only completing the ACME procedure. Using the certificate is left to the caller (no serializing, no updating the resolver, etc).spawn
ed TLS update loop) 443 listener was addedThe following shared state structures were also made public
AcmeClient
- used byissue_cert
but may be shared across invocationsResolveServerCert
- used byissue_cert
,issue_cert
caller, and 443 listenerissue_cert
, 80 listenerAnd some other helper functionality was exposed, methods for avoiding transitive deps, etc.
There's an example showing the usage (just showing the parallel to the fully poem-managed ACME http01 process). I believe it's minimal: there's not a lot of boilerplate and exposed functions and objects have clear uses, etc.
I'm happy to rename/reorg things, improve comments if things are unclear, or if there are other changes needed.