[−][src]Struct acme_micro::order::Auth
An authorization (ownership proof) for a domain name.
Each authorization for an order much be progressed to a valid state before the ACME API will issue a certificate.
Authorizations may or may not be required depending on previous orders against the same ACME account. The ACME API decides if the authorization is needed.
Currently there are two ways of providing the authorization.
Methods
impl Auth
[src]
pub fn domain_name(&self) -> &str
[src]
Domain name for this authorization.
pub fn need_challenge(&self) -> bool
[src]
Whether we actually need to do the authorization. This might not be needed if we have proven ownership of the domain recently in a previous order.
pub fn http_challenge(&self) -> Challenge<Http>
[src]
Get the http challenge.
The http challenge must be placed so it is accessible under:
http://<domain-to-be-proven>/.well-known/acme-challenge/<token>
The challenge will be accessed over HTTP (not HTTPS), for obvious reasons.
use acme_micro::order::Auth; use acme_micro::Error; use std::fs::File; use std::io::Write; fn web_authorize(auth: &Auth) -> Result<(), Error> { let challenge = auth.http_challenge(); // Assuming our web server's root is under /var/www let path = { let token = challenge.http_token(); format!("/var/www/.well-known/acme-challenge/{}", token) }; let mut file = File::create(&path)?; file.write_all(challenge.http_proof().as_bytes())?; challenge.validate(5000)?; Ok(()) }
pub fn dns_challenge(&self) -> Challenge<Dns>
[src]
Get the dns challenge.
The dns challenge is a TXT
record that must put created under:
_acme-challenge.<domain-to-be-proven>. TXT <proof>
The
use acme_micro::order::Auth; use acme_micro::Error; fn dns_authorize(auth: &Auth) -> Result<(), Error> { let challenge = auth.dns_challenge(); let record = format!("_acme-challenge.{}.", auth.domain_name()); // route_53_set_record(&record, "TXT", challenge.dns_proof()); challenge.validate(5000)?; Ok(()) }
The dns proof is not the same as the http proof.
pub fn tls_alpn_challenge(&self) -> Challenge<TlsAlpn>
[src]
Get the TLS ALPN challenge.
The TLS ALPN challenge is a certificate that must be served when a request is made for the ALPN protocol "tls-alpn-01". The certificate must contain a single dNSName SAN containing the domain being validated, as well as an ACME extension containing the SHA256 of the key authorization.
pub fn api_auth(&self) -> &ApiAuth
[src]
Access the underlying JSON object for debugging. We don't refresh the authorization when the corresponding challenge is validated, so there will be no changes to see here.
Trait Implementations
Auto Trait Implementations
impl RefUnwindSafe for Auth
impl Send for Auth
impl Sync for Auth
impl Unpin for Auth
impl UnwindSafe for Auth
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> Sealed<T> for T where
T: ?Sized,
T: ?Sized,
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,