Conversation

@djc
Owner

@djc djc commented Jun 30, 2025

Obsoletes #94, fixes #93.

cc @axos88

@djc djc requested a review from cpu June 30, 2025 13:11
@djc djc force-pushed the account-from-key branch from d8c821b to bc0b3ed Compare June 30, 2025 13:12
@djc
Owner Author

djc commented Jun 30, 2025

This seems surprising. @cpu have you seen this before? I guess it might have something to do with running two environments in the same test?

---- account_from_private_key stdout ----
Error: Other(hyper_util::client::legacy::Error(Connect, Custom { kind: Other, error: Custom { kind: InvalidData, error: InvalidCertificate(UnknownIssuer) } })

@djc djc force-pushed the account-from-key branch 2 times, most recently from e4580df to 6ce8f87 Compare June 30, 2025 13:31
@cpu
Collaborator

cpu commented Jul 1, 2025

> This seems surprising. @cpu have you seen this before? I guess it might have something to do with running two environments in the same test?

The issue here is that you need to use Account::builder_with_http() and provide the Environment's preconfigured client. The Pebble ACME HTTPS interface uses its own PKI and the default HTTP client is expecting a server-chain from the web PKI.

This diff fixes it for me locally:
diff --git a/tests/pebble.rs b/tests/pebble.rs
index 91f66ec..3216b8f 100644
--- a/tests/pebble.rs
+++ b/tests/pebble.rs
@@ -381,7 +381,7 @@ async fn account_from_key() -> Result<(), Box<dyn StdError>> {
     let env = Environment::new(EnvironmentConfig::default()).await?;
     let server_url = format!("https://{}/dir", &env.config.pebble.listen_address);
 
-    let (account1, credentials) = Account::builder()?
+    let (account1, credentials) = Account::builder_with_http(Box::new(env.client.clone()))
         .create(
             &NewAccount {
                 contact: &[],
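
Review bot: `Box::new(env.client.clone())` at the `account1` builder call is the first of three identical call sites in this patch. A small test-side helper that returns the boxed client from the `Environment` would keep the Pebble trust configuration in one place, so a test added later does not fall back to `Account::builder()` and hit the same `InvalidCertificate(UnknownIssuer)` failure.
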
@@ -403,7 +403,7 @@ async fn account_from_key() -> Result<(), Box<dyn StdError>> {
     let key_der = BASE64_URL_SAFE_NO_PAD.decode(json_key.key_pkcs8)?;
     let key = Key::from_pkcs8_der(PrivatePkcs8KeyDer::from(key_der.clone()))?;
 
-    let (account2, credentials2) = Account::builder()?
+    let (account2, credentials2) = Account::builder_with_http(Box::new(env.client.clone()))
         .from_key((key, PrivateKeyDer::try_from(key_der.clone())?), server_url)
         .await?;
 
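Review bot: the `from_key` call for `account2` takes the same key material twice, once as `Key::from_pkcs8_der(...)` and once as `PrivateKeyDer::try_from(key_der.clone())`, and nothing in these lines stops a caller from pairing a `Key` with DER bytes from a different key. Consider having `from_key` accept only the DER and derive the `Key` itself, or document that both tuple elements must come from the same PKCS#8 blob.
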
@@ -419,7 +419,7 @@ async fn account_from_key() -> Result<(), Box<dyn StdError>> {
     let server_url = format!("https://{}/dir", &env.config.pebble.listen_address);
 
     let key = Key::from_pkcs8_der(PrivatePkcs8KeyDer::from(key_der.clone()))?;
-    let result = Account::builder()?
+    let result = Account::builder_with_http(Box::new(env.client.clone()))
         .from_key((key, PrivateKeyDer::try_from(key_der)?), server_url)
         .await;
 
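Review bot: `let result = ... .await;` keeps the `Result` instead of propagating with `?`, so this call is expected to fail, but a TLS connect error like the `UnknownIssuer` one reported above also produces an `Err`. Whatever checks `result` after these lines should match the specific error expected from the server rather than only testing for failure, otherwise the test can pass for the wrong reason when the HTTP client is misconfigured.
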

@djc djc force-pushed the account-from-key branch from 6ce8f87 to 14d1553 Compare July 1, 2025 15:24
@djc djc merged commit 7663d14 into main Jul 1, 2025
10 checks passed
@djc djc deleted the account-from-key branch July 1, 2025 15:41
Development

Successfully merging this pull request may close these issues.

Account should be able to be created from a key only

3 participants