Class: LetsencryptPlugin::CertGenerator
- Inherits:
-
Object
- Object
- LetsencryptPlugin::CertGenerator
- Defined in:
- lib/letsencrypt_plugin.rb
Instance Attribute Summary collapse
-
#cert ⇒ Object
readonly
Returns the value of attribute cert.
-
#client ⇒ Object
readonly
Returns the value of attribute client.
-
#options ⇒ Object
readonly
Returns the value of attribute options.
Instance Method Summary collapse
- #authorize(domain = common_domain_name) ⇒ Object
- #authorize_and_handle_challenge(domains) ⇒ Object
- #common_domain_name ⇒ Object
- #generate_certificate ⇒ Object
- #handle_challenge ⇒ Object
-
#initialize(options = {}) ⇒ CertGenerator
constructor
A new instance of CertGenerator.
- #private_key ⇒ Object
- #private_key_from_db ⇒ Object
- #private_key_from_file(filepath) ⇒ Object
- #private_key_path(private_key_file) ⇒ Object
- #register ⇒ Object
- #request_challenge_verification ⇒ Object
-
#save_certificate(certificate) ⇒ Object
Save the certificate and key.
- #store_challenge(challenge) ⇒ Object
- #valid_verification_status ⇒ Object
- #wait_for_status(challenge) ⇒ Object
Constructor Details
#initialize(options = {}) ⇒ CertGenerator
Returns a new instance of CertGenerator.
23 24 25 26 |
# File 'lib/letsencrypt_plugin.rb', line 23 def initialize( = {}) @options = @options.freeze end |
Instance Attribute Details
#cert ⇒ Object (readonly)
Returns the value of attribute cert.
21 22 23 |
# File 'lib/letsencrypt_plugin.rb', line 21 def cert @cert end |
#client ⇒ Object (readonly)
Returns the value of attribute client.
21 22 23 |
# File 'lib/letsencrypt_plugin.rb', line 21 def client @client end |
#options ⇒ Object (readonly)
Returns the value of attribute options.
21 22 23 |
# File 'lib/letsencrypt_plugin.rb', line 21 def @options end |
Instance Method Details
#authorize(domain = common_domain_name) ⇒ Object
97 98 99 100 |
# File 'lib/letsencrypt_plugin.rb', line 97 def (domain = common_domain_name) Rails.logger.info("Sending authorization request for: #{domain}...") @authorization = client.(domain: domain) end |
#authorize_and_handle_challenge(domains) ⇒ Object
39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/letsencrypt_plugin.rb', line 39 def (domains) result = false domains.each do |domain| (domain) handle_challenge request_challenge_verification result = valid_verification_status break unless result end result end |
#common_domain_name ⇒ Object
93 94 95 |
# File 'lib/letsencrypt_plugin.rb', line 93 def common_domain_name @domain ||= @options[:cert_name] || @options[:domain].split(' ').first.to_s end |
#generate_certificate ⇒ Object
28 29 30 31 32 33 34 35 36 37 |
# File 'lib/letsencrypt_plugin.rb', line 28 def generate_certificate register domains = @options[:domain].split(' ') return unless (domains) # We can now request a certificate Rails.logger.info('Creating CSR...') @cert = @client.new_certificate(Acme::Client::CertificateRequest.new(names: domains)) save_certificate(@cert) Rails.logger.info('Certificate has been generated.') end |
#handle_challenge ⇒ Object
111 112 113 114 |
# File 'lib/letsencrypt_plugin.rb', line 111 def handle_challenge @challenge = @authorization.http01 store_challenge(@challenge) end |
#private_key ⇒ Object
55 56 57 58 59 60 61 62 63 64 65 66 67 68 |
# File 'lib/letsencrypt_plugin.rb', line 55 def private_key store ||= PrivateKeyStore.new(private_key_from_db) if @options.fetch(:private_key_in_db, false) pk_id = @options.fetch(:private_key, nil) raise 'Private key is not set, please check your config/letsencrypt_plugin.yml file!' if pk_id.nil? || pk_id.empty? store ||= PrivateKeyStore.new(private_key_from_file(private_key_path(pk_id))) if File.file?(private_key_path(pk_id)) raise "Can not open private key: #{private_key_path(pk_id)}" if File.directory?(private_key_path(pk_id)) store ||= PrivateKeyStore.new(pk_id) store.retrieve end |
#private_key_from_db ⇒ Object
74 75 76 77 78 |
# File 'lib/letsencrypt_plugin.rb', line 74 def private_key_from_db settings = LetsencryptPlugin::Setting.first raise 'Empty private_key field in settings table!' if settings.private_key.nil? settings.private_key end |
#private_key_from_file(filepath) ⇒ Object
80 81 82 |
# File 'lib/letsencrypt_plugin.rb', line 80 def private_key_from_file(filepath) File.read(filepath) end |
#private_key_path(private_key_file) ⇒ Object
70 71 72 |
# File 'lib/letsencrypt_plugin.rb', line 70 def private_key_path(private_key_file) Rails.root.join(private_key_file) end |
#register ⇒ Object
84 85 86 87 88 89 90 91 |
# File 'lib/letsencrypt_plugin.rb', line 84 def register Rails.logger.info('Trying to register at Let\'s Encrypt service...') registration = client.register(contact: "mailto:#{@options[:email]}") registration.agree_terms Rails.logger.info('Registration succeed.') rescue => e Rails.logger.info("#{e.class} - #{e.}. Already registered.") end |
#request_challenge_verification ⇒ Object
116 117 118 |
# File 'lib/letsencrypt_plugin.rb', line 116 def request_challenge_verification @challenge.request_verification end |
#save_certificate(certificate) ⇒ Object
Save the certificate and key
138 139 140 141 142 143 144 |
# File 'lib/letsencrypt_plugin.rb', line 138 def save_certificate(certificate) return unless certificate return HerokuOutput.new(common_domain_name, certificate).output unless ENV['DYNO'].nil? output_dir = File.join(Rails.root, @options[:output_cert_dir]) return FileOutput.new(common_domain_name, certificate, output_dir).output if File.directory?(output_dir) Rails.logger.error("Output directory: '#{output_dir}' does not exist!") end |
#store_challenge(challenge) ⇒ Object
102 103 104 105 106 107 108 109 |
# File 'lib/letsencrypt_plugin.rb', line 102 def store_challenge(challenge) if @options[:challenge_dir_name].nil? || @options[:challenge_dir_name].empty? DatabaseStore.new(challenge.file_content).store else FileStore.new(challenge.file_content, @options[:challenge_dir_name]).store end sleep(2) end |
#valid_verification_status ⇒ Object
129 130 131 132 133 134 135 |
# File 'lib/letsencrypt_plugin.rb', line 129 def valid_verification_status wait_for_status(@challenge) return true if @challenge.verify_status == 'valid' Rails.logger.error('Challenge verification failed! ' \ "Error: #{@challenge.error['type']}: #{@challenge.error['detail']}") false end |
#wait_for_status(challenge) ⇒ Object
120 121 122 123 124 125 126 127 |
# File 'lib/letsencrypt_plugin.rb', line 120 def wait_for_status(challenge) Rails.logger.info('Waiting for challenge status...') counter = 0 while challenge.verify_status == 'pending' && counter < 10 sleep(1) counter += 1 end end |