diff --git a/lofar_cryptocoryne/cli.py b/lofar_cryptocoryne/cli.py index 0bedb5f7af431faf57f18f2f0839a4a845c65877..d8e05acb91c7be20215585e77d13d55fa2259f3d 100644 --- a/lofar_cryptocoryne/cli.py +++ b/lofar_cryptocoryne/cli.py @@ -2,6 +2,8 @@ # SPDX-License-Identifier: Apache-2.0 """ Cryptocoryne certbot cli entrypoint """ +import time + import acme.errors import hvac @@ -37,15 +39,24 @@ def main(): print("Waiting for DNS to propagate...") if client.check_dns_propagation(timeout=1200): print("Succeed. Request certificate") - client.request_certificate() + for _ in range(3): + try: + client.request_certificate() + except acme.errors.ValidationError as ve: + print(f"ValidationError: {ve.failed_authzrs}") + else: + break + print("Request failed. Retry in", end=" ") + for t in range(5): + time.sleep(1) + print(t, end=" ") + print("...") certificate.fullchain = client.certificate vault_store.put_certificate(certificate) print("Done") else: print("Failed to issue certificate for " + str(client.domains)) - except acme.errors.ValidationError as ve: - print(f"ValidatinError: {ve.failed_authzrs}") except Exception as e: # pylint: disable=broad-exception-caught print(f"{type(e)}: {e}") finally: