As Let's Encrypt will no more allow GET calls[0], we have to change
to GET-as-POST[1] requests.
[0]: https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380/4
[1]: https://tools.ietf.org/html/rfc8555#section-6.3
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
[ Thomas: Add ACME tag and reference GET-as-POST[1] ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
my $key = $self->{key}
or die "No key was generated yet\n";
my $key = $self->{key}
or die "No key was generated yet\n";
- my $payload = encode(tojs($data));
+ my $payload = $data ne '' ? encode(tojs($data)) : $data;
if (!defined($self->{nonce})) {
my $method = $self->_method('newNonce');
if (!defined($self->{nonce})) {
my $method = $self->_method('newNonce');
# Expects a '200 OK' reply
# returns order object
sub get_order {
my ($self, $order_url) = @_;
# Expects a '200 OK' reply
# returns order object
sub get_order {
my ($self, $order_url) = @_;
- my $r = $self->do(GET => $order_url);
+ my $r = $self->do(POST => $order_url, '');
my $return = eval { __get_result($r, 200); };
my $return = eval { __get_result($r, 200); };
- $self->fatal("GET of '$order_url' failed - $@", $r) if $@;
+ $self->fatal("POST of '$order_url' failed - $@", $r) if $@;
return $return;
}
# Gets authorization object
return $return;
}
# Gets authorization object
-# GET to authorization URL
+# Post to authorization URL
# Expects a '200 OK' reply
# returns authorization object, including challenges array
sub get_authorization {
my ($self, $auth_url) = @_;
# Expects a '200 OK' reply
# returns authorization object, including challenges array
sub get_authorization {
my ($self, $auth_url) = @_;
- my $r = $self->do(GET => $auth_url);
+ my $r = $self->do(POST => $auth_url, '');
my $return = eval { __get_result($r, 200); };
my $return = eval { __get_result($r, 200); };
- $self->fatal("GET of '$auth_url' failed - $@", $r) if $@;
+ $self->fatal("POST of '$auth_url' failed - $@", $r) if $@;
-# GET to order's certificate URL
+# POST to order's certificate URL
# Expects a '200 OK' reply
# returns certificate chain in PEM format
sub get_certificate {
# Expects a '200 OK' reply
# returns certificate chain in PEM format
sub get_certificate {
$self->fatal("no certificate URL available (yet?)", $order)
if !$order->{certificate};
$self->fatal("no certificate URL available (yet?)", $order)
if !$order->{certificate};
- my $r = $self->do(GET => $order->{certificate});
+ my $r = $self->do(POST => $order->{certificate}, '');
my $return = eval { __get_result($r, 200, 1); };
my $return = eval { __get_result($r, 200, 1); };
- $self->fatal("GET of '$order->{certificate}' failed - $@", $r) if $@;
+ $self->fatal("POST of '$order->{certificate}' failed - $@", $r) if $@;