acme-client 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c20a6817f7b9cabcc97fd675cb6e9977544de7de
4
- data.tar.gz: 04ab2587617f4c1c94bab02ecc0f902c71c11576
3
+ metadata.gz: 16bb88e5400d61017d3265c400d093f074f141e4
4
+ data.tar.gz: 9bb02691a2abbe5ea25915eb6f42a82a61be8ac0
5
5
  SHA512:
6
- metadata.gz: 7cc46125a7e5565dab48ee669330663d471ee93877e6e0751cde792ca389dd03290eade0ef9e4bbb6dbcd50f955d7071fe7de6d3e6bb01fb7439d9c15563ebab
7
- data.tar.gz: a5b7c82005996edfa8a11bddaeae46df26748a037666f5349980c7d6d0df3be4b63d91908ce24d96fecc42d94140c6b80e7d4877cbdf02ef510cad882146ed6f
6
+ metadata.gz: 068117a5dd211c110cc009ff1642b9fffdf78b6d54f3891f3a296a1af2940ee9217e76bf002f1a49a056672a02e58b63bc880710c8b3555a76953b18af85aaa7
7
+ data.tar.gz: e234b3e0037ebb1428896cd235d7edb882adc2fabd382fe97d86b232dbf3dbcaa93c28be78efc8069673f59cc3f6938e713e4eb10fc280a24416b84b28ed78e9
data/README.md CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  `acme-client` is a client implementation of the [ACME](https://letsencrypt.github.io/acme-spec) protocol in Ruby.
4
4
 
5
- You can find the server reference implementation for ACME server at [here](github.com/letsencrypt/boulder) and also the a reference [client](github.com/letsencrypt/letsencrypt) written in python.
5
+ You can find the server reference implementation for ACME server [here](github.com/letsencrypt/boulder) and also the a reference [client](github.com/letsencrypt/letsencrypt) in python.
6
6
 
7
7
  ACME is part of the [Letsencrypt](https://letsencrypt.org/) project, that are working hard at encrypting all the things.
8
8
 
@@ -18,48 +18,55 @@ endpoint = 'http://letsencrypt.com/'
18
18
  # Initialize the client
19
19
  client = Acme::Client.new(private_key: private_key, endpoint: endpoint)
20
20
 
21
- # If the private key is not known to the server we need to register for the first time.
21
+ # If the private key is not known to the server, we need to register it for the first time.
22
22
  registration = client.register(contact: 'mailto:unixcharles@gmail.com')
23
23
 
24
- # You'll need to agree the term (that's up the to the server to require it or not but boulder does by default)
24
+ # You'll may need to agree to the term (that's up the to the server to require it or not but boulder does by default)
25
25
  registration.agree_terms
26
26
 
27
27
  # Let's try to optain a certificate for yourdomain.com
28
+
29
+ # We need to prove that we control the domain using one of the challanges method.
28
30
  authorization = client.authorize(domain: 'yourdomain.com')
29
31
 
30
- # We need to prove that we control the domain using one of the challanges method
32
+ # For now the only challenge method supprted by the client is simple_http.
31
33
  simple_http = authorization.simple_http
32
34
 
33
35
  # The SimpleHTTP method will require you to response to an HTTP request.
34
36
 
35
- # You can retreive the expected path for the file.
37
+ # You can retrieve the expected path for the file.
36
38
  simple_http.filename # => ".well-known/acme-challenge/:some_token"
37
39
 
38
- # You can retrieve the body of the expected response
40
+ # You can generate the body of the expected response.
39
41
  simple_http.file_content # => 'string of JWS signed json'
40
42
 
41
- # You can send no Content-Type at all but if you send one it has to be 'application/jose+json'
43
+ # You can send no Content-Type at all but if you send one it has to be 'application/jose+json'.
42
44
  simple_http.content_type
43
45
 
44
46
  # Once you are ready to serve the confirmation request you can proceed.
45
47
  simple_http.request_verification # => true
46
48
  simple_http.verify_status # => 'pending'
47
49
 
48
- # Wait a bit for the server to make the request, or really just blink, should be fast.
50
+ # Wait a bit for the server to make the request, or really just blink, it should be fast.
49
51
  sleep(1)
50
52
 
51
- simple_http.verify_status # => 'pending'
53
+ simple_http.verify_status # => 'valid'
54
+
55
+ # We're going to need a CSR, lets do this real quick with Ruby+OpenSSL.
56
+ csr = OpenSSL::X509::Request.new
57
+
58
+ # We need a private key for the certificate, not the same as the account key.
59
+ certificate_private_key = OpenSSL::PKey::RSA.new(2048)
52
60
 
53
- # We're going to need a CSR, let do this real quick with Ruby+OpenSSL.
54
- request = OpenSSL::X509::Request.new
55
- request.subject = OpenSSL::X509::Name.new([
61
+ # We just going to add the domain but normally you might want to provide more information.
62
+ csr.subject = OpenSSL::X509::Name.new([
56
63
  ['CN', common_name, OpenSSL::ASN1::UTF8STRING]
57
64
  ])
58
65
 
59
- request.public_key = private_key.public_key
60
- request.sign(private_key, OpenSSL::Digest::SHA256.new)
66
+ csr.public_key = certificate_private_key.public_key
67
+ csr.sign(private_key, OpenSSL::Digest::SHA256.new)
61
68
 
62
- # You can request a new certificate
69
+ # We can now request a certificate
63
70
  client.new_certificate(csr) # => #<OpenSSL::X509::Certificate ....>
64
71
  ```
65
72
 
data/lib/acme/client.rb CHANGED
@@ -1,5 +1,11 @@
1
1
  class Acme::Client
2
2
  DEFAULT_ENDPOINT = 'http://127.0.0.1:4000'
3
+ DIRECTORY_DEFAULT = {
4
+ 'new-authz' => '/acme/new-authz',
5
+ 'new-cert' => '/acme/new-cert',
6
+ 'new-reg' => '/acme/new-reg',
7
+ 'revoke-cert' => '/acme/revoke-cert'
8
+ }
3
9
 
4
10
  def initialize(endpoint: DEFAULT_ENDPOINT, directory_uri: nil, private_key:)
5
11
  @endpoint, @private_key, @directory_uri = endpoint, private_key, directory_uri
data/lib/acme/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Acme
2
2
  class Client
3
- VERSION = '0.1.0'
3
+ VERSION = '0.1.1'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: acme-client
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Charles Barbier
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-08-15 00:00:00.000000000 Z
11
+ date: 2015-09-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler