uacme: adapted run.sh script to get it working with step CA #24803
+221
−270
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Maintainer: @lucize
Compile tested: OpenWrt 23.05.03
Run tested: OpenWrt 23.05.03
Description:
Current uacme package has no support for using private CA (like step CA). The tool supports that, but the wrapper script responsible for handling the ACME challenge is missing additional settings required for that (see this thread).
On top of that, the wrapper script was initially forked from acme.sh package and contains code snippets which suggest wrapper is same when uacme and acme.sh are installed. This makes no sense, so I've decided to fix the wrapper script (run.sh) to support only uacme package.
Added support for
tls-alpn-01
and testedhttp-01
andtls-alpn-01
ACME challenge types using step CA as ACME service. Also fixed and improved the pre_check() and post_check() functions of the wrapper. Added also option for setting which interface should listen on the ACME challenge.