Following my prior post on Let’s Encrypt - Acme on AppEngine, I have rewritten in Python and substantially simplified the process for deploying a challenge with minimal user input.
In particular, the following script will extract the challenge from STDOUT of
Let’s Encrypt, write the challenges to the given directory, call
to upload the challenges, before Let’s Encrypt performs its validation. If all
goes well, the private key is converted to a format usable by AppEngine and
both it and the certificate chain are printed to the terminal.
While it may still take some tinkering to get it right, the basic structure works for my setup and the changes should mostly relate to configuration and parameters.
There are some Python dependencies, notably Click, Colorama and pexpect.
This script remains quite convoluted, so I submitted an issue to the Let’s Encrypt GitHub repository to enable arbitrary shell commands to perform steps for validation, which would dramatically simplify the process and make it more robust.