acme-client 2.0.0 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ccaa8fb7fadbae1a6d93f99ad319ca95261994cbec494ab885028aae2f894a6a
4
- data.tar.gz: 224d05d0f66cb37ffcbcf1bf05f649e0278dc097518b927dcc4a2e635ba29357
3
+ metadata.gz: 64374fceebb44c96455db6bda3486fdff6afcb54548fb073177d972ddfe5ea58
4
+ data.tar.gz: fcfe92ab66fe177c4ead06cf605f9207187250cafae6b6135e3b941fb20b9ed2
5
5
  SHA512:
6
- metadata.gz: c461b3d255fc35d3b21411632ff4f26700fd0969547f8a7a93879c719e2383f58badfc0278bc45df4780b293094af3b2d560494ac3f00076dae23affbe697682
7
- data.tar.gz: 477869ea08075d8e9d70afa80f4576f6a0ffb936bfb70244b0bf6f8d34d2da593d76acf6231d266fd920eeb0fbf4045e4605869c77f9b06377487cbb4902c014
6
+ metadata.gz: 81a260cebd6797af5f1bfd2fc9249fb8969aa69eaf806c9849fc37ffe327a03a5eec8287606297d4d2bf62cdcfcde4a182d96fac5de0d58b4771b81d2b0aa45d
7
+ data.tar.gz: 2231b13253d255bc83004fd67d17bfcbf69ab94d593c4bc41f9509ef11a1f49a947bf01921334fed4e024184ad96d5fd595e11f2d8e9790b2d27a3ecb963c761
@@ -1,3 +1,11 @@
1
+ ## `2.0.0`
2
+
3
+ * Release of the `ACMEv2` branch
4
+
5
+ ## `1.0.0`
6
+
7
+ * Development for `ACMEv1` moved into `1.0.x`
8
+
1
9
  ## `0.6.3`
2
10
 
3
11
  * Handle Faraday::ConnectionFailed errors as Timeout error.
data/README.md CHANGED
@@ -41,7 +41,7 @@ The client is initialized with a private key and the directory of your ACME prov
41
41
 
42
42
  LetsEncrypt's `directory` is `https://acme-v02.api.letsencrypt.org/directory`.
43
43
 
44
- They also have a staging enpoind at `https://acme-staging-v02.api.letsencrypt.org/directory`.
44
+ They also have a staging endpoint at `https://acme-staging-v02.api.letsencrypt.org/directory`.
45
45
 
46
46
  `acme-ruby` expects `OpenSSL::PKey::RSA` or `OpenSSL::PKey::EC`
47
47
 
@@ -89,6 +89,16 @@ account = client.new_account(contact: 'mailto:info@example.com', terms_of_servic
89
89
  account.kid # => <kid string>
90
90
  ```
91
91
 
92
+ If you already have an existing account (for example one created in ACME v1) please note that unless the `kid` is provided at initialization, the client will lazy load the `kid` by doing a `POST` to `newAccount` whenever the `kid` is required. Therefore, you can easily get your `kid` for an existing account and (if needed) store it for reuse:
93
+
94
+ ```
95
+ client = Acme::Client.new(private_key: private_key, directory: 'https://acme-staging-v02.api.letsencrypt.org/directory')
96
+
97
+ # kid is not set, therefore a call to newAccount is made to lazy-initialize the kid
98
+ client.kid
99
+ => "https://acme-staging-v02.api.letsencrypt.org/acme/acct/000000"
100
+ ```
101
+
92
102
  ## Obtaining a certificate
93
103
  ### Ordering a certificate
94
104
 
@@ -96,7 +106,7 @@ To order a new certificate, the client must provide a list of identifiers.
96
106
 
97
107
  The returned order will contain a list of `Authorization` that need to be completed in other to finalize the order, generally one per identifier.
98
108
 
99
- Each authorization contains multiple challenges, typically a `dns-01` and a `http-01` challenge. The applicant is only required to complete one the challenges.
109
+ Each authorization contains multiple challenges, typically a `dns-01` and a `http-01` challenge. The applicant is only required to complete one of the challenges.
100
110
 
101
111
  You can access the challenge you wish to complete using the `#dns` or `#http` method.
102
112
 
@@ -151,7 +161,7 @@ challenge.request_validation
151
161
 
152
162
  The validation is performed asynchronously and can take some time to be performed by the server.
153
163
 
154
- You can poll until its status change.
164
+ You can poll until its status changes.
155
165
 
156
166
  ```ruby
157
167
  while challenge.status == 'pending'
@@ -165,12 +175,12 @@ challenge.status # => 'valid'
165
175
 
166
176
  Once all required authorizations have been validated through challenges, the order can be finalized using a CSR ([Certificate Signing Request](https://en.wikipedia.org/wiki/Certificate_signing_request)).
167
177
 
168
- A CSR can be slightly tricky to generate using OpenSSL from Ruby standard library. `acme-client` provide a utility class `CertificateRequest` to help with that.
178
+ A CSR can be slightly tricky to generate using OpenSSL from Ruby standard library. `acme-client` provide a utility class `CertificateRequest` to help with that. You'll need to use a different private key for the certificate request than the one you use for your `Acme::Client` account.
169
179
 
170
180
  Certificate generation happens asynchronously. You may need to poll.
171
181
 
172
182
  ```ruby
173
- csr = Acme::Client::CertificateRequest.new(private_key: private_key, subject: { common_name: 'example.com' })
183
+ csr = Acme::Client::CertificateRequest.new(private_key: a_different_private_key, subject: { common_name: 'example.com' })
174
184
  order.finalize(csr: csr)
175
185
  sleep(1) while order.status == 'processing'
176
186
  order.certificate # => PEM-formatted certificate
@@ -7,6 +7,7 @@ require 'digest'
7
7
  require 'forwardable'
8
8
  require 'base64'
9
9
  require 'time'
10
+ require 'uri'
10
11
 
11
12
  module Acme; end
12
13
  class Acme::Client; end
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Acme
4
4
  class Client
5
- VERSION = '2.0.0'.freeze
5
+ VERSION = '2.0.1'.freeze
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: acme-client
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Charles Barbier
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-05-03 00:00:00.000000000 Z
11
+ date: 2018-08-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler