From 27382f38dceebe1c6ea62dcb37cd5d0ccdeceba7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Moser?= <mail@renemoser.net>
Date: Fri, 30 Mar 2018 00:20:43 +0200
Subject: [PATCH] Fixing domain to authorization matching for ACME v2. (#37558)
 (#37572)

(cherry picked from commit 190755ff659aa18a4a05951c04c41808358121c9)
Signed-off-by: Rene Moser <mail@renemoser.net>
---
 lib/ansible/modules/web_infrastructure/letsencrypt.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/ansible/modules/web_infrastructure/letsencrypt.py b/lib/ansible/modules/web_infrastructure/letsencrypt.py
index 07bfaa27a1d..64635a96a28 100644
--- a/lib/ansible/modules/web_infrastructure/letsencrypt.py
+++ b/lib/ansible/modules/web_infrastructure/letsencrypt.py
@@ -1112,10 +1112,12 @@ class ACMEClient(object):
         if info['status'] not in [201]:
             self.module.fail_json(msg="Error new order: CODE: {0} RESULT: {1}".format(info['status'], result))
 
-        for identifier, auth_uri in zip(result['identifiers'], result['authorizations']):
-            domain = identifier['value']
+        for auth_uri in result['authorizations']:
             auth_data = simple_get(self.module, auth_uri)
             auth_data['uri'] = auth_uri
+            domain = auth_data['identifier']['value']
+            if auth_data.get('wildcard', False):
+                domain = '*.{0}'.format(domain)
             self.authorizations[domain] = auth_data
 
         self.order_uri = info['location']