On 2018/01/15 12:16, Stuart Henderson wrote: > I generally prefer to use acme-client than the python or bash+openssl(1) > monstrosities to fetch SSL certificates, but I have some systems where > I need to use the DNS-01 challenge type which was removed from the > version in base. > > Any objections or OKs to adding a port for Kristaps' original version > (attached)? >
Hrrmmmm. Now I've tried to actually run dns-01 from a shell script rather than faking it with copy-and-paste, I'm not sure if it's actually going to be all that useful... The mechanism requires 1. read from acme-client's stdout. 2. run a command based on that output. 3. when the command has run, echo the line back to acme-client's stdin. (repeat until EOF from acme-client.) I've tried with "eacme-client | (while read... )", various ways with fifos, and coroutines, but it all blocks somewhere. Now I started reading the expect(1) manual to try and do it that way which is never a good sign...
