acme-client 2.0.0 → 2.0.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ccaa8fb7fadbae1a6d93f99ad319ca95261994cbec494ab885028aae2f894a6a
4
- data.tar.gz: 224d05d0f66cb37ffcbcf1bf05f649e0278dc097518b927dcc4a2e635ba29357
3
+ metadata.gz: 64374fceebb44c96455db6bda3486fdff6afcb54548fb073177d972ddfe5ea58
4
+ data.tar.gz: fcfe92ab66fe177c4ead06cf605f9207187250cafae6b6135e3b941fb20b9ed2
5
5
  SHA512:
6
- metadata.gz: c461b3d255fc35d3b21411632ff4f26700fd0969547f8a7a93879c719e2383f58badfc0278bc45df4780b293094af3b2d560494ac3f00076dae23affbe697682
7
- data.tar.gz: 477869ea08075d8e9d70afa80f4576f6a0ffb936bfb70244b0bf6f8d34d2da593d76acf6231d266fd920eeb0fbf4045e4605869c77f9b06377487cbb4902c014
6
+ metadata.gz: 81a260cebd6797af5f1bfd2fc9249fb8969aa69eaf806c9849fc37ffe327a03a5eec8287606297d4d2bf62cdcfcde4a182d96fac5de0d58b4771b81d2b0aa45d
7
+ data.tar.gz: 2231b13253d255bc83004fd67d17bfcbf69ab94d593c4bc41f9509ef11a1f49a947bf01921334fed4e024184ad96d5fd595e11f2d8e9790b2d27a3ecb963c761
@@ -1,3 +1,11 @@
1
+ ## `2.0.0`
2
+
3
+ * Release of the `ACMEv2` branch
4
+
5
+ ## `1.0.0`
6
+
7
+ * Development for `ACMEv1` moved into `1.0.x`
8
+
1
9
  ## `0.6.3`
2
10
 
3
11
  * Handle Faraday::ConnectionFailed errors as Timeout error.
data/README.md CHANGED
@@ -41,7 +41,7 @@ The client is initialized with a private key and the directory of your ACME prov
41
41
 
42
42
  LetsEncrypt's `directory` is `https://acme-v02.api.letsencrypt.org/directory`.
43
43
 
44
- They also have a staging enpoind at `https://acme-staging-v02.api.letsencrypt.org/directory`.
44
+ They also have a staging endpoint at `https://acme-staging-v02.api.letsencrypt.org/directory`.
45
45
 
46
46
  `acme-ruby` expects `OpenSSL::PKey::RSA` or `OpenSSL::PKey::EC`
47
47
 
@@ -89,6 +89,16 @@ account = client.new_account(contact: 'mailto:info@example.com', terms_of_servic
89
89
  account.kid # => <kid string>
90
90
  ```
91
91
 
92
+ If you already have an existing account (for example one created in ACME v1) please note that unless the `kid` is provided at initialization, the client will lazy load the `kid` by doing a `POST` to `newAccount` whenever the `kid` is required. Therefore, you can easily get your `kid` for an existing account and (if needed) store it for reuse:
93
+
94
+ ```
95
+ client = Acme::Client.new(private_key: private_key, directory: 'https://acme-staging-v02.api.letsencrypt.org/directory')
96
+
97
+ # kid is not set, therefore a call to newAccount is made to lazy-initialize the kid
98
+ client.kid
99
+ => "https://acme-staging-v02.api.letsencrypt.org/acme/acct/000000"
100
+ ```
101
+
92
102
  ## Obtaining a certificate
93
103
  ### Ordering a certificate
94
104
 
@@ -96,7 +106,7 @@ To order a new certificate, the client must provide a list of identifiers.
96
106
 
97
107
  The returned order will contain a list of `Authorization` that need to be completed in other to finalize the order, generally one per identifier.
98
108
 
99
- Each authorization contains multiple challenges, typically a `dns-01` and a `http-01` challenge. The applicant is only required to complete one the challenges.
109
+ Each authorization contains multiple challenges, typically a `dns-01` and a `http-01` challenge. The applicant is only required to complete one of the challenges.
100
110
 
101
111
  You can access the challenge you wish to complete using the `#dns` or `#http` method.
102
112
 
@@ -151,7 +161,7 @@ challenge.request_validation
151
161
 
152
162
  The validation is performed asynchronously and can take some time to be performed by the server.
153
163
 
154
- You can poll until its status change.
164
+ You can poll until its status changes.
155
165
 
156
166
  ```ruby
157
167
  while challenge.status == 'pending'
@@ -165,12 +175,12 @@ challenge.status # => 'valid'
165
175
 
166
176
  Once all required authorizations have been validated through challenges, the order can be finalized using a CSR ([Certificate Signing Request](https://en.wikipedia.org/wiki/Certificate_signing_request)).
167
177
 
168
- A CSR can be slightly tricky to generate using OpenSSL from Ruby standard library. `acme-client` provide a utility class `CertificateRequest` to help with that.
178
+ A CSR can be slightly tricky to generate using OpenSSL from Ruby standard library. `acme-client` provide a utility class `CertificateRequest` to help with that. You'll need to use a different private key for the certificate request than the one you use for your `Acme::Client` account.
169
179
 
170
180
  Certificate generation happens asynchronously. You may need to poll.
171
181
 
172
182
  ```ruby
173
- csr = Acme::Client::CertificateRequest.new(private_key: private_key, subject: { common_name: 'example.com' })
183
+ csr = Acme::Client::CertificateRequest.new(private_key: a_different_private_key, subject: { common_name: 'example.com' })
174
184
  order.finalize(csr: csr)
175
185
  sleep(1) while order.status == 'processing'
176
186
  order.certificate # => PEM-formatted certificate
@@ -7,6 +7,7 @@ require 'digest'
7
7
  require 'forwardable'
8
8
  require 'base64'
9
9
  require 'time'
10
+ require 'uri'
10
11
 
11
12
  module Acme; end
12
13
  class Acme::Client; end
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Acme
4
4
  class Client
5
- VERSION = '2.0.0'.freeze
5
+ VERSION = '2.0.1'.freeze
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: acme-client
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Charles Barbier
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-05-03 00:00:00.000000000 Z
11
+ date: 2018-08-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler