diff options
author | Felix Fontein <felix@fontein.de> | 2018-01-31 08:24:08 +0100 |
---|---|---|
committer | ansibot <ansibot@users.noreply.github.com> | 2018-01-31 02:24:08 -0500 |
commit | 2c482847ce4259283f08c1397cee4fc957075ac2 (patch) | |
tree | 83182c163c2bc77993dba933d9cfdb5ae8ad1233 | |
parent | 311918828f2b3afa940ab9dde8bfd4bcfbcfc799 (diff) | |
download | ansible-2c482847ce4259283f08c1397cee4fc957075ac2.tar.gz |
letsencrypt: fix account key detection for keys created by openssl_privatekey (#35534)
* Fixing key detection if key was generated with openssl_privatekey.
* Fixing error formatting.
-rw-r--r-- | lib/ansible/modules/web_infrastructure/letsencrypt.py | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/ansible/modules/web_infrastructure/letsencrypt.py b/lib/ansible/modules/web_infrastructure/letsencrypt.py index 68039f0e2c..c73216aa70 100644 --- a/lib/ansible/modules/web_infrastructure/letsencrypt.py +++ b/lib/ansible/modules/web_infrastructure/letsencrypt.py @@ -566,8 +566,14 @@ class ACMEAccount(object): if m is not None: account_key_type = m.group(1).lower() break + if account_key_type is None: + # This happens for example if openssl_privatekey created this key + # (as opposed to the OpenSSL binary). For now, we assume this is + # an RSA key. + # FIXME: add some kind of auto-detection + account_key_type = "rsa" if account_key_type not in ("rsa", "ec"): - return 'unknown key type "%s" % account_key_type', {} + return 'unknown key type "%s"' % account_key_type, {} openssl_keydump_cmd = [self._openssl_bin, account_key_type, "-in", key, "-noout", "-text"] dummy, out, dummy = self.module.run_command(openssl_keydump_cmd, check_rc=True) |