From 2c482847ce4259283f08c1397cee4fc957075ac2 Mon Sep 17 00:00:00 2001
From: Felix Fontein
Date: Wed, 31 Jan 2018 08:24:08 +0100
Subject: [PATCH] letsencrypt: fix account key detection for keys created by openssl_privatekey (#35534)
* Fixing key detection if key was generated with openssl_privatekey.
* Fixing error formatting.
---
 lib/ansible/modules/web_infrastructure/letsencrypt.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/lib/ansible/modules/web_infrastructure/letsencrypt.py b/lib/ansible/modules/web_infrastructure/letsencrypt.py
index 68039f0e2c2..c73216aa70e 100644
--- a/lib/ansible/modules/web_infrastructure/letsencrypt.py
+++ b/lib/ansible/modules/web_infrastructure/letsencrypt.py
@@ -566,8 +566,14 @@ class ACMEAccount(object):
 if m is not None:
 account_key_type = m.group(1).lower()
 break
+ if account_key_type is None:
+ # This happens for example if openssl_privatekey created this key
+ # (as opposed to the OpenSSL binary). For now, we assume this is
+ # an RSA key.
+ # FIXME: add some kind of auto-detection
+ account_key_type = "rsa"
 if account_key_type not in ("rsa", "ec"):
- return 'unknown key type "%s" % account_key_type', {}
+ return 'unknown key type "%s"' % account_key_type, {}
 openssl_keydump_cmd = [self._openssl_bin, account_key_type, "-in", key, "-noout", "-text"]
 dummy, out, dummy = self.module.run_command(openssl_keydump_cmd, check_rc=True)
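Review bot: The added `account_key_type = "rsa"` fallback runs for every key file whose header the preceding loop did not recognise, not only for RSA keys. An EC key in an algorithm-neutral container (which openssl_privatekey presumably can also write), or a file that is not a key at all, is therefore handed to `openssl rsa` and aborts on `check_rc=True` with raw OpenSSL output instead of the module's own `unknown key type` error. The FIXME can be closed here by probing the file with `openssl rsa` and then `openssl ec` under `check_rc=False`, taking the first type that parses and leaving the type unset when neither does, so the explicit error path still fires. The account key authorises every ACME request, so a wrong guess should fail with a clear local message rather than in a later step. The enclosing method starts and ends outside this hunk, so the header-matching regex and the callers' handling of the returned error string are not visible here.

```python
if account_key_type is None:
    # The header did not name the algorithm (for example a key written by
    # openssl_privatekey), so ask OpenSSL which parser accepts the file
    # instead of assuming RSA.
    for candidate in ("rsa", "ec"):
        rc, dummy, dummy = self.module.run_command(
            [self._openssl_bin, candidate, "-in", key, "-noout"], check_rc=False)
        if rc == 0:
            account_key_type = candidate
            break
if account_key_type not in ("rsa", "ec"):
    return 'unknown key type "%s"' % account_key_type, {}
# … unchanged: openssl_keydump_cmd construction and run_command call …
```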