Module: LetsEncrypt
- Defined in:
- lib/letsencrypt.rb,
lib/letsencrypt/redis.rb,
lib/letsencrypt/engine.rb,
lib/letsencrypt/railtie.rb,
lib/letsencrypt/version.rb,
lib/letsencrypt/logger_proxy.rb,
lib/letsencrypt/configuration.rb,
app/models/lets_encrypt/certificate.rb,
app/jobs/lets_encrypt/application_job.rb,
app/jobs/lets_encrypt/renew_certificates_job.rb,
lib/generators/lets_encrypt/install_generator.rb,
lib/generators/lets_encrypt/register_generator.rb,
app/controllers/lets_encrypt/application_controller.rb,
app/controllers/lets_encrypt/verifications_controller.rb,
app/models/concerns/lets_encrypt/certificate_issuable.rb,
app/models/concerns/lets_encrypt/certificate_verifiable.rb
Overview
:nodoc:
Defined Under Namespace
Modules: CertificateIssuable, CertificateVerifiable, Generators Classes: ApplicationController, ApplicationJob, Certificate, Configuration, Engine, LoggerProxy, Railtie, Redis, RenewCertificatesJob, VerificationsController
Constant Summary collapse
- ENDPOINT =
Production mode API Endpoint
'https://acme-v02.api.letsencrypt.org/directory'
- ENDPOINT_STAGING =
Staging mode API Endpoint, the rate limit is higher but got invalid certificate for testing
'https://acme-staging-v02.api.letsencrypt.org/directory'
- VERSION =
'0.11.3'
Class Method Summary collapse
- .certificate_model ⇒ Object
-
.client ⇒ Object
Create the ACME Client to Let’s Encrypt.
-
.config(&block) ⇒ Object
Config how to Let’s Encrypt works for Rails.
-
.directory ⇒ Object
Get current using Let’s Encrypt endpoint.
- .generate_private_key ⇒ Object
- .load_private_key ⇒ Object
- .logger ⇒ Object
- .private_key ⇒ Object
- .private_key_path ⇒ Object
-
.register(email) ⇒ Object
Register a Let’s Encrypt account.
Class Method Details
.certificate_model ⇒ Object
86 87 88 |
# File 'lib/letsencrypt.rb', line 86 def certificate_model @certificate_model ||= config.certificate_model.constantize end |
.client ⇒ Object
Create the ACME Client to Let’s Encrypt
23 24 25 26 27 28 |
# File 'lib/letsencrypt.rb', line 23 def client @client ||= ::Acme::Client.new( private_key: private_key, directory: directory ) end |
.config(&block) ⇒ Object
Config how to Let’s Encrypt works for Rails
LetsEncrypt.config do |config|
# Always use production mode to connect Let's Encrypt API server
config.use_staging = false
end
80 81 82 83 84 |
# File 'lib/letsencrypt.rb', line 80 def config(&block) @config ||= Configuration.new instance_exec(@config, &block) if block_given? @config end |
.directory ⇒ Object
Get current using Let’s Encrypt endpoint
42 43 44 |
# File 'lib/letsencrypt.rb', line 42 def directory @directory ||= config.use_staging? ? ENDPOINT_STAGING : ENDPOINT end |
.generate_private_key ⇒ Object
63 64 65 66 67 68 |
# File 'lib/letsencrypt.rb', line 63 def generate_private_key key = OpenSSL::PKey::RSA.new(4096) File.write(private_key_path, key.to_s) logger.info "Created new private key for Let's Encrypt" key end |
.load_private_key ⇒ Object
34 35 36 37 38 39 |
# File 'lib/letsencrypt.rb', line 34 def load_private_key return ENV.fetch('LETSENCRYPT_PRIVATE_KEY', nil) if config.use_env_key return File.open(private_key_path) if File.exist?(private_key_path) generate_private_key end |
.logger ⇒ Object
70 71 72 |
# File 'lib/letsencrypt.rb', line 70 def logger @logger ||= LoggerProxy.new(Rails.logger, tags: ['LetsEncrypt']) end |
.private_key ⇒ Object
30 31 32 |
# File 'lib/letsencrypt.rb', line 30 def private_key @private_key ||= OpenSSL::PKey::RSA.new(load_private_key) end |
.private_key_path ⇒ Object
59 60 61 |
# File 'lib/letsencrypt.rb', line 59 def private_key_path config.private_key_path || Rails.root.join('config/letsencrypt.key') end |
.register(email) ⇒ Object
Register a Let’s Encrypt account
This is required a private key to do this, and Let’s Encrypt will use this private key to connect with domain and assign the owner who can renew and revoked.
52 53 54 55 56 57 |
# File 'lib/letsencrypt.rb', line 52 def register(email) account = client.new_account(contact: "mailto:#{email}", terms_of_service_agreed: true) logger.info "Successfully registered private key with address #{email}" account.kid # TODO: Save KID true end |