- challenge = auth.dns01
- deploy_dns01_challenge_token( auth.domain, challenge, config['domains'][auth.domain]['primary_ns'], config )
- wait_for_challenge_propagation( auth.domain, challenge )
- wait_for_challenge_validation( challenge )
+ client.new_account(contact: "mailto:#{email}", terms_of_service_agreed: true)
+
+ p "Cert #{cert_name}: Creating order object for cert #{cert_name}"
+ order = client.new_order(identifiers: cert_opts['domain_names'] )
+ p "Cert #{cert_name}: order status"
+ p order.status
+ if order.status != 'ready'
+ p "Cert #{cert_name}: Order is not ready, we need to authorize first"
+
+ p "Cert #{cert_name}: Iterating over required authorizations"
+ order.authorizations.each do |auth|
+ p "Cert #{cert_name}: Processing authorization for #{auth.domain}"
+ p "Cert #{cert_name}: Finding challenge type for #{auth.domain}"
+ if auth.status == 'valid'
+ p "Cert #{cert_name}: Authorization for #{auth.domain} is still valid, skipping"
+ next
+ end
+
+ challenge = auth.dns01
+ primary_ns = config.dig( 'domains', auth.domain, 'primary_ns' ) || config.dig( 'defaults', 'domains', 'primary_ns' )
+ deploy_dns01_challenge_token( auth.domain, challenge, primary_ns, config )
+ wait_for_challenge_propagation( auth.domain, challenge )
+ wait_for_challenge_validation( challenge )
+ end
+ else
+ p "Cert #{cert_name}: Order is ready, we don’t need to authorize"