acme.sh icon indicating copy to clipboard operation
acme.sh copied to clipboard

Published 20 hours ago verified publisher icon acmesh-official

[FEATURE-REQ] Need IAM sub-account support for HUAWEICloud.

Open dfc643 opened this issue 3 years ago • 6 comments

Why need it?

The script cannot get the right token due to my HUAWEI account has been enabled MFA Two-factor authentication for some security reasons. So we need the IAM sub-account supports.

How to?

I have moded the file dns_huaweicloud.sh to support HUAWEI IAM sub-account.

before https://github.com/acmesh-official/acme.sh/blob/9293bcfb1cd5a56c6cede3f5f46af8529ee99624/dnsapi/dns_huaweicloud.sh#L239-L267

after

_get_token() {
  _username=$1
  _password=$2
  _project=$3
  
  _iamuser=`echo $_username | awk -F@ '{print $1}'`
  _iamdomain=`echo $_username | awk -F@ '{print $2}'`

  _debug "Getting Token"
  body="{
    \"auth\": {
      \"identity\": {
        \"methods\": [
          \"password\"
        ],
        \"password\": {
          \"user\": {
            \"name\": \"${_iamuser}\",
            \"password\": \"${_password}\",
            \"domain\": {
              \"name\": \"${_iamdomain}\"
            }
          }
        }
      },
      \"scope\": {
        \"project\": {
          \"id\": \"${_project}\"
        }
      }
    }
  }"

How to use?

export HUAWEICLOUD_Username=subaccount@MyMainAccount
export HUAWEICLOUD_Password=SubAccountPassword
export HUAWEICLOUD_ProjectID=ProjectID
/root/.acme.sh/acme.sh --issue --dns dns_huaweicloud -d www.acgdraw.com --test

dfc643 avatar Jun 05 '21 06:06 dfc643

I use this success

https://gist.github.com/OrangeGeeker/3b841aa237dc3b7065f2baa8167914db

export HUAWEICLOUD_Username=xxx export HUAWEICLOUD_Password=xxx export HUAWEICLOUD_ProjectID=xxx export HUAWEICLOUD_DomainName=xxx

acme.sh --issue --dns dns_huaweicloud -d *.example.com --debug

grey-liu avatar Jul 30 '21 20:07 grey-liu

I use this success

https://gist.github.com/OrangeGeeker/3b841aa237dc3b7065f2baa8167914db

export HUAWEICLOUD_Username=xxx export HUAWEICLOUD_Password=xxx export HUAWEICLOUD_ProjectID=xxx export HUAWEICLOUD_DomainName=xxx

acme.sh --issue --dns dns_huaweicloud -d *.example.com --debug

works for me! thx! fix a bug in line 88: before:

token="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_ProjectID}")"

after:

token="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_ProjectID}" "${HUAWEICLOUD_DomainName}")"

alphauniverse avatar Feb 21 '22 11:02 alphauniverse

There is a PR for this,but it was removed and marked a lebel named "rev", I don't konw what means the label,and why dose the PR was removed ORZ.

xzycn avatar Mar 09 '22 02:03 xzycn

Any update for this?

alexcc4 avatar Jun 21 '22 05:06 alexcc4

Any update for this?

https://gist.github.com/OrangeGeeker/3b841aa237dc3b7065f2baa8167914db 用这

grey-liu avatar Jun 21 '22 05:06 grey-liu

Any update for this?

https://gist.github.com/OrangeGeeker/3b841aa237dc3b7065f2baa8167914db 用这

Works fine, replacing original shell. Just wait for the official version.

alexcc4 avatar Jun 21 '22 07:06 alexcc4