Class: Heroku::Command::Certs

Inherits:

Base

• Object
• Base
• Heroku::Command::Certs

Defined in:

lib/heroku/command/certs.rb

Overview

manage ssl endpoints for an app

Defined Under Namespace

Classes: UsageError

Constant Summary

SSL_DOCTOR =

Excon.new(ENV["SSL_DOCTOR_URL"] || "https://ssl-doctor.herokuapp.com/")

Instance Attribute Summary

Attributes inherited from Base

#args, #options

Instance Method Summary

• #add ⇒ Object

  certs:add CRT KEY.

• #chain ⇒ Object

  certs:chain CRT [CRT …].

• #index ⇒ Object

  certs.

• #info ⇒ Object

  certs:info.

• #key ⇒ Object

  certs:key CRT KEY [KEY …].

• #remove ⇒ Object

  certs:remove.

• #rollback ⇒ Object

  certs:rollback.

• #update ⇒ Object

  certs:update CRT KEY.

Methods inherited from Base

#api, #app, #heroku, #initialize, namespace

Methods included from Helpers

#action, #ask, #confirm, #confirm_billing, #confirm_command, #create_git_remote, #deprecate, #display_header, #display_object, #display_row, #display_table, #error, error_with_failure, error_with_failure=, extended, extended_into, #fail, #format_bytes, #format_date, #format_error, #format_with_bang, #get_terminal_environment, #git, #has_git?, #home_directory, #host_name, #hprint, #hputs, included, included_into, #json_decode, #json_encode, #launchy, #line_formatter, #longest, #output_with_bang, #quantify, #redisplay, #retry_on_exception, #run_command, #running_on_a_mac?, #running_on_windows?, #set_buffer, #shell, #spinner, #status, #string_distance, #styled_array, #styled_error, #styled_hash, #styled_header, #suggestion, #time_ago, #truncate, #with_tty

Constructor Details

This class inherits a constructor from Heroku::Command::Base

Instance Method Details

#add ⇒ Object

certs:add CRT KEY

Add an ssl endpoint to an app.

--bypass  # bypass the trust chain completion step

# File 'lib/heroku/command/certs.rb', line 71

def add
  crt, key = read_crt_and_key
  endpoint = action("Adding SSL Endpoint to #{app}") { heroku.ssl_endpoint_add(app, crt, key) }
  display_warnings(endpoint)
  display "#{app} now served by #{endpoint['cname']}"
  display "Certificate details:"
  display_certificate_info(endpoint)
rescue UsageError
  fail("Usage: pogo certs:add CRT KEY\nMust specify CRT and KEY to add cert.")
end

#chain ⇒ Object

certs:chain CRT [CRT …]

Print the ordered and complete chain for the given certificate.

Optional intermediate certificates may be given too, and will be used during chain resolution.

# File 'lib/heroku/command/certs.rb', line 45

def chain
  puts read_crt_through_ssl_doctor
rescue UsageError
  fail("Usage: pogo certs:chain CRT [CRT ...]\nMust specify at least one certificate file.")
end

#index ⇒ Object

certs

List ssl endpoints for an app.

# File 'lib/heroku/command/certs.rb', line 15

def index
  endpoints = heroku.ssl_endpoint_list(app)

  if endpoints.empty?
    display "#{app} has no SSL Endpoints."
    display "Use `pogo certs:add CRT KEY` to add one."
  else
    endpoints.map! do |endpoint|
      {
        'cname'       => endpoint['cname'],
        'domains'     => endpoint['ssl_cert']['cert_domains'].join(', '),
        'expires_at'  => format_date(endpoint['ssl_cert']['expires_at']),
        'ca_signed?'  => endpoint['ssl_cert']['ca_signed?'].to_s.capitalize
      }
    end
    display_table(
      endpoints,
      %w( cname domains expires_at ca_signed? ),
      [ "Endpoint", "Common Name(s)", "Expires", "Trusted" ]
    )
  end
end

#info ⇒ Object

certs:info

Show certificate information for an ssl endpoint.

# File 'lib/heroku/command/certs.rb', line 103

def info
  cname = options[:endpoint] || current_endpoint
  endpoint = action("Fetching SSL Endpoint #{cname} info for #{app}") do
    heroku.ssl_endpoint_info(app, cname)
  end

  display "Certificate details:"
  display_certificate_info(endpoint)
end

#key ⇒ Object

certs:key CRT KEY [KEY …]

Print the correct key for the given certificate.

You must pass one single certificate, and one or more keys. The first key that signs the certificate will be printed back.

# File 'lib/heroku/command/certs.rb', line 58

def key
  crt, key = read_crt_and_key_through_ssl_doctor("Testing for signing key")
  puts key
rescue UsageError
  fail("Usage: pogo certs:key CRT KEY [KEY ...]\nMust specify one certificate file and at least one key file.")
end

#remove ⇒ Object

certs:remove

Remove an SSL Endpoint from an app.

# File 'lib/heroku/command/certs.rb', line 117

def remove
  cname = options[:endpoint] || current_endpoint
  action("Removing SSL Endpoint #{cname} from #{app}") do
    heroku.ssl_endpoint_remove(app, cname)
  end
  display "NOTE: Billing is still active. Remove SSL Endpoint add-on to stop billing."
end

#rollback ⇒ Object

certs:rollback

Rollback an SSL Endpoint for an app.

# File 'lib/heroku/command/certs.rb', line 129

def rollback
  cname = options[:endpoint] || current_endpoint

  endpoint = action("Rolling back SSL Endpoint #{cname} for #{app}") do
    heroku.ssl_endpoint_rollback(app, cname)
  end

  display "New active certificate details:"
  display_certificate_info(endpoint)
end

#update ⇒ Object

certs:update CRT KEY

Update an SSL Endpoint on an app.

--bypass  # bypass the trust chain completion step

# File 'lib/heroku/command/certs.rb', line 88

def update
  crt, key = read_crt_and_key
  cname    = options[:endpoint] || current_endpoint
  endpoint = action("Updating SSL Endpoint #{cname} for #{app}") { heroku.ssl_endpoint_update(app, cname, crt, key) }
  display_warnings(endpoint)
  display "Updated certificate details:"
  display_certificate_info(endpoint)
rescue UsageError
  fail("Usage: pogo certs:update CRT KEY\nMust specify CRT and KEY to update cert.")
end