Class: AcmeWrapper
- Inherits:
-
Object
- Object
- AcmeWrapper
- Defined in:
- lib/letsencrypt/cli/acme_wrapper.rb
Instance Method Summary collapse
- #authorize(domain) ⇒ Object
- #cert(domains) ⇒ Object
- #check_certificate(path) ⇒ Object
- #client ⇒ Object
-
#initialize(options) ⇒ AcmeWrapper
constructor
A new instance of AcmeWrapper.
- #log(message, severity = :info) ⇒ Object
Constructor Details
#initialize(options) ⇒ AcmeWrapper
Returns a new instance of AcmeWrapper.
5 6 7 8 9 10 |
# File 'lib/letsencrypt/cli/acme_wrapper.rb', line 5 def initialize() @options = if !@options[:color] String.disable_colorization = true end end |
Instance Method Details
#authorize(domain) ⇒ Object
26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'lib/letsencrypt/cli/acme_wrapper.rb', line 26 def (domain) FileUtils.mkdir_p(@options[:webroot_path]) log "Authorizing #{domain.blue}.." = client.(domain: domain) challenge = .http01 challenge_file = File.join(@options[:webroot_path], challenge.filename.split('/').last) log "Writing challenge to #{challenge_file}", :debug File.write(challenge_file, challenge.file_content) challenge.request_verification 5.times do log "Checking verification...", :debug sleep 1 break if challenge.verify_status != 'pending' end if challenge.verify_status == 'valid' log "Authorization successful for #{domain.green}" File.unlink(challenge_file) true else log "Authorization error for #{domain.red}", :error log challenge.error['detail'] false end end |
#cert(domains) ⇒ Object
55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 |
# File 'lib/letsencrypt/cli/acme_wrapper.rb', line 55 def cert(domains) return if certificate_exists_and_valid? csr = OpenSSL::X509::Request.new certificate_private_key = find_or_create_pkey(@options[:private_key_path], "private key", @options[:key_length] || 2048) csr.subject = OpenSSL::X509::Name.new([ # ['C', options[:country], OpenSSL::ASN1::PRINTABLESTRING], # ['ST', options[:state], OpenSSL::ASN1::PRINTABLESTRING], # ['L', options[:city], OpenSSL::ASN1::PRINTABLESTRING], # ['O', options[:organization], OpenSSL::ASN1::UTF8STRING], # ['OU', options[:department], OpenSSL::ASN1::UTF8STRING], # ['CN', options[:common_name], OpenSSL::ASN1::UTF8STRING], # ['emailAddress', options[:email], OpenSSL::ASN1::UTF8STRING] ['CN', domains.first, OpenSSL::ASN1::UTF8STRING] ]) if domains.count > 1 ef = OpenSSL::X509::ExtensionFactory.new exts = [ ef.create_extension( "subjectAltName", domains.map{|domain| "DNS:#{domain}"}.join(','), false ) ] attrval = OpenSSL::ASN1::Set([OpenSSL::ASN1::Sequence(exts)]) attrs = [ OpenSSL::X509::Attribute.new('extReq', attrval), OpenSSL::X509::Attribute.new('msExtReq', attrval), ] attrs.each do |attr| csr.add_attribute(attr) end end csr.public_key = certificate_private_key.public_key csr.sign(certificate_private_key, OpenSSL::Digest::SHA256.new) certificate = client.new_certificate(csr) File.write(@options[:fullchain_path], certificate.fullchain_to_pem) File.write(@options[:chain_path], certificate.chain_to_pem) File.write(@options[:certificate_path], certificate.to_pem) log "Certificate successfully created to #{@options[:fullchain_path]} #{@options[:chain_path]} and #{@options[:certificate_path]}!".green log "Certificate valid until: #{certificate.x509.not_after}" end |
#check_certificate(path) ⇒ Object
92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 |
# File 'lib/letsencrypt/cli/acme_wrapper.rb', line 92 def check_certificate(path) unless File.exists?(path) log "Certificate #{path} does not exists", :warn return false end cert = OpenSSL::X509::Certificate.new(File.read(path)) renew_on = cert.not_after.to_date - @options[:days_valid] log "Certificate '#{path}' valid until #{cert.not_after.to_date}.", :info if Date.today >= renew_on log "Certificate '#{path}' should be renewed!", :warn return false else true end end |
#client ⇒ Object
22 23 24 |
# File 'lib/letsencrypt/cli/acme_wrapper.rb', line 22 def client @client ||= Acme::Client.new(private_key: account_key, endpoint: endpoint) end |
#log(message, severity = :info) ⇒ Object
12 13 14 15 16 17 18 19 20 |
# File 'lib/letsencrypt/cli/acme_wrapper.rb', line 12 def log(, severity=:info) @logger ||= Logger.new(STDOUT).tap {|logger| logger.level = Logger::SEV_LABEL.index(@options[:log_level].upcase) logger.formatter = proc do |sev, datetime, progname, msg| "#{datetime.to_s.light_black}: #{msg}\n" end } @logger.send(severity, ) end |