Class: Acmesmith::OrderingService

Inherits:
Object
  • Object
show all
Defined in:
lib/acmesmith/ordering_service.rb

Defined Under Namespace

Classes: NotCompleted

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(acme:, common_name:, identifiers:, private_key:, challenge_responder_rules:, chain_preferences:, not_before: nil, not_after: nil) ⇒ OrderingService

Returns a new instance of OrderingService.

Parameters:

  • acme (Acme::Client)

    ACME client

  • common_name (String)

    Common Name for a ordering certificate

  • identifiers (Array<String>)

    Array of domain names for a ordering certificate. common_name has to be explicitly included in this argument.

  • private_key (OpenSSL::PKey::PKey)

    Private key

  • challenge_responder_rules (Array<Acmesmith::Config::ChallengeResponderRule>)

    responders

  • chain_preferences (Array<Acmesmith::Config::ChainPreference>)

    chain_preferences

  • not_before (Time) (defaults to: nil)
  • not_after (Time) (defaults to: nil) 


17
18
19
20
21
22
23
24
25
26
 
# File 'lib/acmesmith/ordering_service.rb', line 17

def initialize(acme:, common_name:, identifiers:, private_key:, challenge_responder_rules:, chain_preferences:, not_before: nil, not_after: nil)
  @acme = acme
  @common_name = common_name
  @identifiers = identifiers
  @private_key = private_key
  @challenge_responder_rules = challenge_responder_rules
  @chain_preferences = chain_preferences
  @not_before = not_before
  @not_after = not_after
end

Instance Attribute Details

#acmeObject (readonly)

Returns the value of attribute acme.



28
29
30
 
# File 'lib/acmesmith/ordering_service.rb', line 28

def acme
  @acme
end

#chain_preferencesObject (readonly)

Returns the value of attribute chain_preferences.



28
29
30
 
# File 'lib/acmesmith/ordering_service.rb', line 28

def chain_preferences
  @chain_preferences
end

#challenge_responder_rulesObject (readonly)

Returns the value of attribute challenge_responder_rules.



28
29
30
 
# File 'lib/acmesmith/ordering_service.rb', line 28

def challenge_responder_rules
  @challenge_responder_rules
end

#common_nameObject (readonly)

Returns the value of attribute common_name.



28
29
30
 
# File 'lib/acmesmith/ordering_service.rb', line 28

def common_name
  @common_name
end

#identifiersObject (readonly)

Returns the value of attribute identifiers.



28
29
30
 
# File 'lib/acmesmith/ordering_service.rb', line 28

def identifiers
  @identifiers
end

#not_afterObject (readonly)

Returns the value of attribute not_after.



28
29
30
 
# File 'lib/acmesmith/ordering_service.rb', line 28

def not_after
  @not_after
end

#not_beforeObject (readonly)

Returns the value of attribute not_before.



28
29
30
 
# File 'lib/acmesmith/ordering_service.rb', line 28

def not_before
  @not_before
end

#private_keyObject (readonly)

Returns the value of attribute private_key.



28
29
30
 
# File 'lib/acmesmith/ordering_service.rb', line 28

def private_key
  @private_key
end

Instance Method Details

#certificateObject 



93
94
95
 
# File 'lib/acmesmith/ordering_service.rb', line 93

def certificate
  @certificate or raise NotCompleted, "not completed yet"
end

#csrAcme::Client::CertificateRequest

Returns:

  • (Acme::Client::CertificateRequest) 


108
109
110
 
# File 'lib/acmesmith/ordering_service.rb', line 108

def csr
  @csr ||= Acme::Client::CertificateRequest.new(subject: { common_name: common_name }, names: sans, private_key: private_key)
end

#ensure_authorizationObject 



55
56
57
58
59
60
61
62
63
64
65
 
# File 'lib/acmesmith/ordering_service.rb', line 55

def ensure_authorization
  return if order.authorizations.empty? || order.status == 'ready'
  puts "=> Looking for required domain authorizations"
  puts
  order.authorizations.map(&:domain).each do |domain|
    puts " * #{domain}"
  end
  puts

  AuthorizationService.new(challenge_responder_rules, order.authorizations).perform!
end

#finalize_orderObject 



67
68
69
70
71
72
73
74
75
76
77
 
# File 'lib/acmesmith/ordering_service.rb', line 67

def finalize_order
  puts
  puts "=> Finalizing the order"
  puts
  puts csr.csr.to_pem
  puts

  print " * Requesting..."
  order.finalize(csr: csr)
  puts" [ ok ]"
end

#orderObject

Returns Acme::Client::Resources::Order[].

Returns:

  • Acme::Client::Resources::Order[]



98
99
100
 
# File 'lib/acmesmith/ordering_service.rb', line 98

def order
  @order or raise "BUG: order not yet generated"
end

#pem_chainObject

Returns String.

Returns:

  • String



88
89
90
91
 
# File 'lib/acmesmith/ordering_service.rb', line 88

def pem_chain
  url = order.certificate_url or raise NotCompleted, "not completed yet"
  CertificateRetrievingService.new(acme, common_name, url, chain_preferences: chain_preferences).pem_chain
end

#perform!Object 



30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
 
# File 'lib/acmesmith/ordering_service.rb', line 30

def perform!
  puts "=> Ordering a certificate for the following identifiers:"
  puts
  puts " * CN:  #{common_name}"
  sans.each do |san|
    puts " * SAN: #{san}"
  end

  puts
  puts "=> Placing an order"
  @order = acme.new_order(identifiers: identifiers, not_before: not_before, not_after: not_after)
  puts " * URL: #{order.url}"

  ensure_authorization()

  finalize_order()
  wait_order_for_complete()

  @certificate = Certificate.by_issuance(pem_chain, csr, name: common_name)

  puts
  puts "=> Certificate issued"
  nil
end

#sansArray<String>

Returns:

  • (Array<String>) 


103
104
105
 
# File 'lib/acmesmith/ordering_service.rb', line 103

def sans
  identifiers[1..-1]
end

#wait_order_for_completeObject 



79
80
81
82
83
84
85
 
# File 'lib/acmesmith/ordering_service.rb', line 79

def wait_order_for_complete
  while %w(ready processing).include?(order.status)
    order.reload()
    puts " * Waiting for complete: status=#{order.status}"
    sleep 2
  end
end