Class: Acme::Client::Resources::Challenges::DNSAccount01
- Defined in:
- lib/acme/client/resources/challenges/dns_account01.rb
Overview
DNS-Account-01 challenge following draft-ietf-acme-dns-account-label-01 Enables multiple ACME clients to validate the same domain concurrently
Constant Summary collapse
- CHALLENGE_TYPE =
'dns-account-01'.freeze
- RECORD_PREFIX =
'_'.freeze
- RECORD_SUFFIX =
'._acme-challenge'.freeze
- RECORD_TYPE =
'TXT'.freeze
- DIGEST =
OpenSSL::Digest::SHA256
- BASE32_ALPHABET =
RFC 4648 lowercase alphabet
'abcdefghijklmnopqrstuvwxyz234567'.freeze
Instance Attribute Summary
Attributes inherited from Base
#error, #status, #token, #url, #validated
Instance Method Summary collapse
- #record_content ⇒ Object
-
#record_name ⇒ Object
Generates account-specific DNS record name using SHA256(account_url) + Base32 Format: _<base32_label>._acme-challenge.
- #record_type ⇒ Object
Methods inherited from Base
#challenge_type, #initialize, #key_authorization, #reload, #request_validation, #to_h
Constructor Details
This class inherits a constructor from Acme::Client::Resources::Challenges::Base
Instance Method Details
#record_content ⇒ Object
26 27 28 |
# File 'lib/acme/client/resources/challenges/dns_account01.rb', line 26 def record_content Acme::Client::Util.urlsafe_base64(DIGEST.digest()) end |
#record_name ⇒ Object
Generates account-specific DNS record name using SHA256(account_url) + Base32 Format: _<base32_label>._acme-challenge
15 16 17 18 19 20 |
# File 'lib/acme/client/resources/challenges/dns_account01.rb', line 15 def record_name digest = DIGEST.digest(@client.kid)[0, 10] # First 10 octets for label bits = digest.unpack1('B*') label = bits.scan(/.{5}/).map { |chunk| BASE32_ALPHABET[chunk.to_i(2)] }.join "#{RECORD_PREFIX}#{label}#{RECORD_SUFFIX}" end |
#record_type ⇒ Object
22 23 24 |
# File 'lib/acme/client/resources/challenges/dns_account01.rb', line 22 def record_type RECORD_TYPE end |