Struct CsrOrder

pub struct CsrOrder<P: Persist> { /* private fields */ }

An order that is ready for a CSR submission.

To submit the CSR is called “finalizing” the order.

To finalize, the user supplies a private key (from which a public key is derived). This library provides [functions to create private keys], but the user can opt for creating them in some other way.

This library makes no attempt at validating which key algorithms are used. Unsupported algorithms will show as an error when finalizing the order. It is up to the ACME API provider to decide which key algorithms to support.

Right now Let’s Encrypt supports:

• RSA keys from 2048 to 4096 bits in length
• P-256 and P-384 ECDSA keys

Implementations

impl<P: Persist> CsrOrder<P>

pub fn finalize( self, private_key_pem: &str, delay_millis: u64, ) -> Result<CertOrder<P>>

Finalize the order by providing a private key as PEM.

Once the CSR has been submitted, the order goes into a processing status, where we must poll until the status changes. The delay_millis is the amount of time to wait between each poll attempt.

This is a convenience wrapper that in turn calls the lower level finalize_pkey.

pub fn finalize_pkey( self, private_key: PKey<Private>, delay_millis: u64, ) -> Result<CertOrder<P>>

Lower level finalize call that works directly with the openssl crate structures.

Creates the CSR for the domains in the order and submit it to the ACME API.

Once the CSR has been submitted, the order goes into a processing status, where we must poll until the status changes. The delay_millis is the amount of time to wait between each poll attempt.

pub fn api_order(&self) -> &ApiOrder

Access the underlying JSON object for debugging.