From 5d6fd4d5b4c6a22272d7177d7c86e45ef9c0aae9 Mon Sep 17 00:00:00 2001 From: Christopher Cook Date: Tue, 19 Nov 2024 19:29:32 +0800 Subject: [PATCH] Anvil: if order fails due to invalid account replaces, re-attempt --- src/Certify.Providers/ACME/Anvil/AnvilACMEProvider.cs | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/Certify.Providers/ACME/Anvil/AnvilACMEProvider.cs b/src/Certify.Providers/ACME/Anvil/AnvilACMEProvider.cs index a51ded058..13f7fc624 100644 --- a/src/Certify.Providers/ACME/Anvil/AnvilACMEProvider.cs +++ b/src/Certify.Providers/ACME/Anvil/AnvilACMEProvider.cs @@ -666,6 +666,11 @@ private string GetAccountFingerprintHex(IKey accKey) abandonRequest = false; itemLog.Warning($"Encountered an order conflict. Action maybe re-attempted by resolving the conflict."); } + else if (err.Status == System.Net.HttpStatusCode.Unauthorized) + { + abandonRequest = false; + itemLog.Warning($"Order 'Unauthorized' problem. Order will be reattempted if applicable : {err.Detail}"); + } else if (err.Type?.EndsWith("accountDoesNotExist") == true) { // wrong account details, probably used staging for prod or vice versa @@ -812,8 +817,8 @@ public async Task BeginCertificateOrder(ILog log, ManagedCertifica string ariReplacesCertId = null; if ( - caSupportsARI && - managedCertificate.CertificateCurrentCA == managedCertificate.LastAttemptedCA + caSupportsARI + && managedCertificate.CertificateCurrentCA == managedCertificate.LastAttemptedCA && !string.IsNullOrWhiteSpace(managedCertificate.ARICertificateId) && managedCertificate.ARICertificateId.Contains(".") && managedCertificate.RenewalFailureCount < 3