< Back
Submit-ChallengeValidation
Post
NAME Submit-ChallengeValidation
SYNOPSIS
Respond to authorization challenges for an ACME order and wait for the ACME server to validate them.
SYNTAX
Submit-ChallengeValidation [[-DnsPlugin] <String[]>] [[-PluginArgs] <Hashtable>] [-DnsAlias <String[]>] [-DnsSleep
<Int32>] [-ValidationTimeout <Int32>] [-Account <Object>] [-Order <Object>] [<CommonParameters>]
DESCRIPTION
An ACME order contains an authorization object for each domain in the order. The client must complete at least one
of a set of challenges for each authorization in order to prove they own the domain. Once complete, the client
asks the server to validate each challenge and waits for the server to do so and update the authorization status.
PARAMETERS
-DnsPlugin <String[]>
One or more DNS plugin names to use for this order's DNS challenges. If no plugin is specified, the "Manual"
plugin will be used. If the same plugin is used for all domains in the order, you can just specify it once.
Otherwise, you should specify as many plugin names as there are domains in the order and in the same sequence
as the ACME order.
Required? false
Position? 1
Default value
Accept pipeline input? false
Accept wildcard characters? false
-PluginArgs <Hashtable>
A hashtable containing the plugin arguments to use with the specified DnsPlugin list. So if a plugin has a
-MyText string and -MyNumber integer parameter, you could specify them as @{MyText='text';MyNumber=1234}.
These arguments are saved to the current ACME account so they can be used automatically for subsequent
certificates and renewals. New values will overwrite saved values for existing parameters.
Required? false
Position? 2
Default value
Accept pipeline input? false
Accept wildcard characters? false
-DnsAlias <String[]>
One or more FQDNs that DNS challenges should be published to instead of the certificate domain's zone. This is
used in advanced setups where a CNAME in the certificate domain's zone has been pre-created to point to the
alias's FQDN which makes the ACME server check the alias domain when validation challenge TXT records. If the
same alias is used for all domains in the order, you can just specify it once. Otherwise, you should specify
as many alias FQDNs as there are domains in the order and in the same sequence as the order.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-DnsSleep <Int32>
Number of seconds to wait for DNS changes to propagate before asking the ACME server to validate DNS
challenges. Default is 120.
Required? false
Position? named
Default value 120
Accept pipeline input? false
Accept wildcard characters? false
-ValidationTimeout <Int32>
Number of seconds to wait for the ACME server to validate the challenges after asking it to do so. Default is
60. If the timeout is exceeded, an error will be thrown.
Required? false
Position? named
Default value 60
Accept pipeline input? false
Accept wildcard characters? false
-Account <Object>
If specified, switch to and use this account for the validations. It must be associated with the current
server or an error will be thrown.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Order <Object>
If specified, switch to and use this order for the validations. It must be associated with the current or
specified account or an error will be thrown.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>Submit-ChallengeValidation
Invoke manual DNS challenge validation on the currently selected account and order.
-------------------------- EXAMPLE 2 --------------------------
PS C:\\>$pluginArgs = @{FBServer='fb.example.com'; FBCred=(Get-Credential)}
PS C:\\>Submit-ChallengeValidation Flurbog $pluginArgs
Invoke DNS challenge validation using the hypothetical Flurbog plugin on the currently selected account and order.
-------------------------- EXAMPLE 3 --------------------------
PS C:\\>$pluginArgs = @{FBServer='fb.example.com'; FBCred=(Get-Credential)}
PS C:\\>Submit-ChallengeValidation Flurbog $pluginArgs -DnsAlias validate.alt-example.com
This is the same as the previous example except that it's telling the Flurbog plugin to write to an alias domain.
This only works if you have already created a CNAME record for the domain(s) in the order that points to
validate.alt-example.com.
-------------------------- EXAMPLE 4 --------------------------
PS C:\\>$order = Get-PAOrder site1.example.com
PS C:\\>Submit-ChallengeValidation -Order $order
Invoke manual DNS challenge validation on the specified order and currently selected account.
RELATED LINKS
Project: https://github.com/rmbolger/Posh-ACME
Get-PAOrder
New-PAOrder
SYNOPSIS
Respond to authorization challenges for an ACME order and wait for the ACME server to validate them.
SYNTAX
Submit-ChallengeValidation [[-DnsPlugin] <String[]>] [[-PluginArgs] <Hashtable>] [-DnsAlias <String[]>] [-DnsSleep
<Int32>] [-ValidationTimeout <Int32>] [-Account <Object>] [-Order <Object>] [<CommonParameters>]
DESCRIPTION
An ACME order contains an authorization object for each domain in the order. The client must complete at least one
of a set of challenges for each authorization in order to prove they own the domain. Once complete, the client
asks the server to validate each challenge and waits for the server to do so and update the authorization status.
PARAMETERS
-DnsPlugin <String[]>
One or more DNS plugin names to use for this order's DNS challenges. If no plugin is specified, the "Manual"
plugin will be used. If the same plugin is used for all domains in the order, you can just specify it once.
Otherwise, you should specify as many plugin names as there are domains in the order and in the same sequence
as the ACME order.
Required? false
Position? 1
Default value
Accept pipeline input? false
Accept wildcard characters? false
-PluginArgs <Hashtable>
A hashtable containing the plugin arguments to use with the specified DnsPlugin list. So if a plugin has a
-MyText string and -MyNumber integer parameter, you could specify them as @{MyText='text';MyNumber=1234}.
These arguments are saved to the current ACME account so they can be used automatically for subsequent
certificates and renewals. New values will overwrite saved values for existing parameters.
Required? false
Position? 2
Default value
Accept pipeline input? false
Accept wildcard characters? false
-DnsAlias <String[]>
One or more FQDNs that DNS challenges should be published to instead of the certificate domain's zone. This is
used in advanced setups where a CNAME in the certificate domain's zone has been pre-created to point to the
alias's FQDN which makes the ACME server check the alias domain when validation challenge TXT records. If the
same alias is used for all domains in the order, you can just specify it once. Otherwise, you should specify
as many alias FQDNs as there are domains in the order and in the same sequence as the order.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-DnsSleep <Int32>
Number of seconds to wait for DNS changes to propagate before asking the ACME server to validate DNS
challenges. Default is 120.
Required? false
Position? named
Default value 120
Accept pipeline input? false
Accept wildcard characters? false
-ValidationTimeout <Int32>
Number of seconds to wait for the ACME server to validate the challenges after asking it to do so. Default is
60. If the timeout is exceeded, an error will be thrown.
Required? false
Position? named
Default value 60
Accept pipeline input? false
Accept wildcard characters? false
-Account <Object>
If specified, switch to and use this account for the validations. It must be associated with the current
server or an error will be thrown.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Order <Object>
If specified, switch to and use this order for the validations. It must be associated with the current or
specified account or an error will be thrown.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
-------------------------- EXAMPLE 1 --------------------------
PS C:\\>Submit-ChallengeValidation
Invoke manual DNS challenge validation on the currently selected account and order.
-------------------------- EXAMPLE 2 --------------------------
PS C:\\>$pluginArgs = @{FBServer='fb.example.com'; FBCred=(Get-Credential)}
PS C:\\>Submit-ChallengeValidation Flurbog $pluginArgs
Invoke DNS challenge validation using the hypothetical Flurbog plugin on the currently selected account and order.
-------------------------- EXAMPLE 3 --------------------------
PS C:\\>$pluginArgs = @{FBServer='fb.example.com'; FBCred=(Get-Credential)}
PS C:\\>Submit-ChallengeValidation Flurbog $pluginArgs -DnsAlias validate.alt-example.com
This is the same as the previous example except that it's telling the Flurbog plugin to write to an alias domain.
This only works if you have already created a CNAME record for the domain(s) in the order that points to
validate.alt-example.com.
-------------------------- EXAMPLE 4 --------------------------
PS C:\\>$order = Get-PAOrder site1.example.com
PS C:\\>Submit-ChallengeValidation -Order $order
Invoke manual DNS challenge validation on the specified order and currently selected account.
RELATED LINKS
Project: https://github.com/rmbolger/Posh-ACME
Get-PAOrder
New-PAOrder