Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cache Auth Tokens for CoreNetworks #403

Closed
StadtBadWurzach opened this issue Nov 15, 2021 · 4 comments
Closed

Cache Auth Tokens for CoreNetworks #403

StadtBadWurzach opened this issue Nov 15, 2021 · 4 comments
Assignees
@rmbolger
Labels
enhancement New feature or request

Comments

@StadtBadWurzach
Copy link

Hi Ryan,
we use Posh-ACME for our Scripts. In many cases we configured some SAN domains for the certificate.

Here the parameters for the script:

[hashtable] $htAcmeCertParams = @{
    Domain = "test2.domain.de", "test3.domain.de", "test4.domain.de";
    Contact = $strAcmeWebmasterEmail
    AcceptTOS = $true
    Plugin = 'CoreNetworks'
    PluginArgs = @{
        CoreNetworksApiRoot = $strCoreNetworksApiAddress
        CoreNetworksCred = $credCoreNetworksApiAccount
    }
}

Execution of my script:
New-PACertificate @htAcmeCertParams -Verbose -Install

I set the varible $DebugPerference to the value 'Continue'. So i see/saw that Posh-ACME create for every domain a new authentifciation token. So i automatally reached the rate limit of the Webhoster Core Networks.

Is there parameter, that Posh-ACME create for the first request the credentails and fuse for all further inquiries the cached credentails?

Regards,
Daniel
@rmbolger rmbolger self-assigned this Nov 15, 2021
@rmbolger rmbolger added bug Something isn't working enhancement New feature or request and removed bug Something isn't working labels Nov 15, 2021
@rmbolger
Copy link
Owner

Hi @StadtBadWurzach. I can try to add some caching of the authentication token. The only problem is that I can't test the changes myself because I don't have an account with them. It should be a fairly straightforward change and I don't expect any problems. But can you verify the updated version still works once I push the change?

@rmbolger
Copy link
Owner

Ok, the change is now in the main/dev branch. You can either install the full dev version using the instructions on the repo homepage or just download the updated file and overwrite your local copy.

The auth token should now be cached for the duration of the PowerShell session. However, I'm guessing that token isn't valid forever. If you're running your script as part of a scheduled task, it probably won't matter because each new task instance will be a new session and only last as long as it has work to do.

It's feasible to add some error handling for the case when the token expires. But I'd need to get some debug logs from when it happens in order to figure out how to handle it.

@StadtBadWurzach
Copy link
Author

Thank you for the modified file. I deployed the main branch to my servers.
All of my attempts and tests have been successful so far. Your changes are working.

@rmbolger
Copy link
Owner

Excellent! The change will go out officially in the next release.

@rmbolger rmbolger changed the title Cache Auth Tokens Cache Auth Tokens for CoreNetworks Nov 24, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rmbolger rmbolger

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rmbolger @StadtBadWurzach