letsencrypt: Better error handling, prompt user for SA

This commit is contained in:
Matthew Holt
2015-10-28 18:12:07 -06:00
parent b67543f81c
commit 1818b1ea62
3 changed files with 39 additions and 6 deletions

View File

@ -62,19 +62,19 @@ func Activate(configs []server.Config) ([]server.Config, error) {
// make client to service this email address with CA server
client, err := newClient(leEmail)
if err != nil {
return configs, err
return configs, errors.New("error creating client: " + err.Error())
}
// client is ready, so let's get free, trusted SSL certificates! yeah!
certificates, err := obtainCertificates(client, serverConfigs)
if err != nil {
return configs, err
return configs, errors.New("error obtaining cert: " + err.Error())
}
// ... that's it. save the certs, keys, and metadata files to disk
err = saveCertsAndKeys(certificates)
if err != nil {
return configs, err
return configs, errors.New("error saving assets: " + err.Error())
}
// it all comes down to this: turning TLS on for all the configs
@ -158,7 +158,10 @@ func newClient(leEmail string) (*acme.Client, error) {
}
// The client facilitates our communication with the CA server.
client := acme.NewClient(CAUrl, &leUser, rsaKeySizeToUse, exposePort)
client, err := acme.NewClient(CAUrl, &leUser, rsaKeySizeToUse, exposePort)
if err != nil {
return nil, err
}
// If not registered, the user must register an account with the CA
// and agree to terms
@ -169,7 +172,13 @@ func newClient(leEmail string) (*acme.Client, error) {
}
leUser.Registration = reg
// TODO: we can just do the agreement once: when registering, right?
if !Agreed && reg.TosURL == "" {
Agreed = promptUserAgreement("<TODO>", false) // TODO
}
if !Agreed && reg.TosURL == "" {
return nil, errors.New("user must agree to terms")
}
err = client.AgreeToTOS()
if err != nil {
saveUser(leUser) // TODO: Might as well try, right? Error check?