digicert-cli 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +58 -60
- data/digicert-cli.gemspec +1 -1
- data/lib/digicert/cli/command.rb +3 -5
- data/lib/digicert/cli/commands/certificate.rb +16 -2
- data/lib/digicert/cli/commands/config.rb +14 -0
- data/lib/digicert/cli/commands/order.rb +1 -1
- data/lib/digicert/cli/order_reissuer.rb +2 -2
- data/lib/digicert/cli/version.rb +1 -1
- data/lib/digicert/cli.rb +1 -1
- data/spec/acceptance/config_spec.rb +1 -1
- data/spec/acceptance/reissuing_order_spec.rb +2 -2
- data/spec/digicert/cli/order_reissuer_spec.rb +7 -9
- metadata +5 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1fa2d7e5026e875023b032636e24d21a72feb173
|
4
|
+
data.tar.gz: ad33ef4c2e362670145debc01dff0a5e49ea1b57
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 19b637e487da602a4263d63a958638bc68f84e627096f1e33f023b06d4caba76c107bc6c52ffcb5a0d3724bc65c8b8c3b812a4927999477321f05f28adc6f435
|
7
|
+
data.tar.gz: b845b66a2bf1748bc457de4bc37f99be770f94cefdfc6f7656cf73b5920a0f78a19bc9e1fc94cc733d5324040ebd47378d236d22ec0bde339de9f43603ef28d4
|
data/README.md
CHANGED
@@ -12,12 +12,12 @@ certificates and etc using [Digicert Ruby Client].
|
|
12
12
|
|
13
13
|
## Configure
|
14
14
|
|
15
|
-
|
16
|
-
|
17
|
-
|
15
|
+
The `CLI` commands are heavily dependent on the Digicert API. Please
|
16
|
+
[follow the instruction here] to request an API Key from Digicert, Once you have
|
17
|
+
your API key then you can configure it using the `config` command.
|
18
18
|
|
19
19
|
```sh
|
20
|
-
digicert config
|
20
|
+
$ digicert config api-key YOUR_API_KEY
|
21
21
|
```
|
22
22
|
|
23
23
|
## Usages
|
@@ -28,9 +28,9 @@ We have been trying to simplify the `CLI` with proper `help` documentation. Each
|
|
28
28
|
of the `command` and `subcommand` should provide you the basic usages guide with
|
29
29
|
the list of supported options.
|
30
30
|
|
31
|
-
|
32
|
-
|
33
|
-
|
31
|
+
The parent command should fire up the `help` documentation, but if it does not
|
32
|
+
then you can explicitly call the `help` command or pass `-h` flags with any of
|
33
|
+
the command and that should fire up the documentation. For example
|
34
34
|
|
35
35
|
```sh
|
36
36
|
$ digicert help
|
@@ -39,15 +39,15 @@ $ digicert help
|
|
39
39
|
```sh
|
40
40
|
Commands:
|
41
41
|
digicert certificate # Manage Digicert Certificates
|
42
|
-
digicert config
|
42
|
+
digicert config # Configure The CLI Client
|
43
43
|
digicert csr # Fetch/generate Certificate CSR
|
44
44
|
digicert help [COMMAND] # Describe available / One specific command
|
45
45
|
digicert order # Manage Digicert Orders
|
46
46
|
```
|
47
47
|
|
48
|
-
The above command lists the available commands with a basic description
|
49
|
-
|
50
|
-
up the usages
|
48
|
+
The above command lists the available commands with a basic description. As you
|
49
|
+
might have noticed, it also ships with a `help` command which can be used to
|
50
|
+
fire up the usages guide and options for it's nested command.
|
51
51
|
|
52
52
|
```sh
|
53
53
|
# digicert order -h
|
@@ -62,16 +62,16 @@ Commands:
|
|
62
62
|
digicert order reissue ORDER_ID # Reissue digicert order
|
63
63
|
```
|
64
64
|
|
65
|
-
Hopefully you get the idea, we
|
65
|
+
Hopefully you get the idea, we are trying our best to keep this guide up to date
|
66
66
|
but whenever you need some more information please add the `-h` flags with any
|
67
|
-
commands or subcommands and you should see
|
67
|
+
commands or subcommands and you should see more accurate help documentation.
|
68
68
|
|
69
69
|
### Orders
|
70
70
|
|
71
71
|
#### Listing Orders
|
72
72
|
|
73
|
-
|
74
|
-
configured then we can list all of our orders using the `list`
|
73
|
+
The `CLI` made listing Digicert orders pretty simple, once we have our API key
|
74
|
+
configured then we can list all of our orders using the `order list` command.
|
75
75
|
|
76
76
|
```sh
|
77
77
|
$ digicert order list
|
@@ -87,31 +87,30 @@ $ digicert order list
|
|
87
87
|
+---------------+---------------+------------------+-------------+-------------+
|
88
88
|
```
|
89
89
|
|
90
|
-
The above
|
91
|
-
|
92
|
-
|
93
|
-
through the `--filter` option and expect the value to be in `key:value` format.
|
90
|
+
The above command without any option will list out all of our Digicert orders,
|
91
|
+
but if we need to filter those orders then we can do that by passing `--filter`
|
92
|
+
option and the expected values as in `key:value` pair.
|
94
93
|
|
95
|
-
For example,
|
96
|
-
|
94
|
+
For example, to list all of the orders that has product type of `ssl_wildcard`
|
95
|
+
we can use the following and it will list only the filtered orders.
|
97
96
|
|
98
97
|
```sh
|
99
98
|
$ digicert order list --filter 'product_name_id:ssl_wildcard'
|
100
99
|
```
|
101
100
|
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
supported filtering options.
|
101
|
+
Supported filters options are `date_created`, `valid_till`, `status`, `search`,
|
102
|
+
`common_name` and `product_name_id`. Please [check the wiki] for more uptodate
|
103
|
+
filter options list.
|
106
104
|
|
107
105
|
#### Find an order
|
108
106
|
|
109
|
-
|
110
|
-
|
107
|
+
To find an order we can use `order find` command, by default it will print the
|
108
|
+
order details in the console but this command also supports the normal filter
|
109
|
+
options as described on the listing order section.
|
111
110
|
|
112
111
|
One important thing to remember, it will only retrieve one single entry, so if
|
113
112
|
you have multiple orders in your specified terms then it will only retrieve the
|
114
|
-
most recent one
|
113
|
+
most recent one from that list.
|
115
114
|
|
116
115
|
```sh
|
117
116
|
$ digicert order find --filter 'common_name:ribosetest.com' 'product_name_id:ssl_plus'
|
@@ -122,27 +121,26 @@ $ digicert order find --filter 'common_name:ribosetest.com' 'product_name_id:ssl
|
|
122
121
|
..........................id=xxxx08 price=xxxx, product_name_id="ssl_plus">
|
123
122
|
```
|
124
123
|
|
125
|
-
|
126
|
-
can pass the `--quiet` flags
|
124
|
+
Lots of information? Well, if you don't need that much details and only need the
|
125
|
+
`ID` then you can pass the `--quiet` flags and it will only print the order id.
|
127
126
|
|
128
127
|
#### Reissue an order
|
129
128
|
|
130
|
-
To reissue a non-expired order we can use the `reissue`
|
131
|
-
order id
|
132
|
-
but
|
133
|
-
`--crt`.
|
129
|
+
To reissue a non-expired order we can use the `order reissue` command and pass
|
130
|
+
the order id. By default it will reissue the order using the existing details
|
131
|
+
but we can update that by passing the certificate CSR as`--csr`
|
134
132
|
|
135
133
|
```sh
|
136
|
-
$ digicert order reissue 12345 --
|
134
|
+
$ digicert order reissue 12345 --csr path_to_the_new_csr.csr
|
137
135
|
```
|
138
136
|
|
139
137
|
```sh
|
140
138
|
Reissue request xxxxx8 created for order - 123456
|
141
139
|
```
|
142
140
|
|
143
|
-
Pretty cool right? The above
|
144
|
-
can use to download the
|
145
|
-
|
141
|
+
Pretty cool right? The above command also support `--output` option that we
|
142
|
+
can use to download the reissued certificates. To download we need to provide a
|
143
|
+
valid path and it will automatically download the certificates to it
|
146
144
|
|
147
145
|
```sh
|
148
146
|
$ digicert order reissue 123456 --output /path/to/downloads
|
@@ -163,9 +161,10 @@ Downloaded certificate to:
|
|
163
161
|
|
164
162
|
#### Fetch a certificate
|
165
163
|
|
166
|
-
The `fetch`
|
167
|
-
default it will print out the detail in the console but if we
|
168
|
-
|
164
|
+
The `certificate fetch` command retrieves the certificate for any specific order,
|
165
|
+
by default it will print out the certificate detail in the console but if we can
|
166
|
+
change it by passing additional option to it. Like the `--quiet` flags will only
|
167
|
+
return the certificate id instead of all the details
|
169
168
|
|
170
169
|
```sh
|
171
170
|
$ digicert certificate fetch 123456789 --quiet
|
@@ -173,19 +172,17 @@ $ digicert certificate fetch 123456789 --quiet
|
|
173
172
|
|
174
173
|
#### Download a certificate
|
175
174
|
|
176
|
-
To download a certificate we can use the same `fetch`
|
177
|
-
`--output` option. Based on the `--output` option
|
178
|
-
|
179
|
-
the output path, to download a certificate we can do
|
175
|
+
To download a certificate we can use the same `certificate fetch` command but
|
176
|
+
with the `--output` option. Based on the `--output` option this command will
|
177
|
+
fetch and download the certificates to the provided path.
|
180
178
|
|
181
179
|
```sh
|
182
180
|
$ digicert certificate fetch 123456 --output /path/to/downloads
|
183
181
|
```
|
184
182
|
|
185
|
-
The
|
186
|
-
|
187
|
-
the `
|
188
|
-
the `order-id` or `certificate-id`.
|
183
|
+
The `fetch` command only works with the `order_id` but what if we have the
|
184
|
+
certificate id? Well, we have another command `certificate download` which
|
185
|
+
supports both the `--order-id` and the `certificate-id`.
|
189
186
|
|
190
187
|
```sh
|
191
188
|
$ digicert certificate download --order-id 654321 --output /downloads
|
@@ -195,8 +192,8 @@ $ digicert certificate download --certificate-id 123456 --output /downloads
|
|
195
192
|
#### List duplicate certificates
|
196
193
|
|
197
194
|
Digicert allows us to duplicate a certificate and if we want to list all of the
|
198
|
-
duplicates then we can use the `duplicates`
|
199
|
-
to provide the `order-id` to list the duplicates
|
195
|
+
duplicates then we can use the `certificate duplicates` command. It expects us
|
196
|
+
to provide the `order-id` to list all the duplicates
|
200
197
|
|
201
198
|
```sh
|
202
199
|
$ digicert certificate duplicates 123456
|
@@ -216,8 +213,8 @@ $ digicert certificate duplicates 123456
|
|
216
213
|
#### Fetch an order's CSR
|
217
214
|
|
218
215
|
Retrieving a `CSR` is pretty easy, if we have an order id and we want retrieve
|
219
|
-
it's `CSR` then we can use the `fetch`
|
220
|
-
|
216
|
+
it's `CSR` then we can use the `csr fetch` command and it will print out the
|
217
|
+
details in the console.
|
221
218
|
|
222
219
|
```sh
|
223
220
|
$ digicert csr fetch 123456
|
@@ -225,18 +222,18 @@ $ digicert csr fetch 123456
|
|
225
222
|
|
226
223
|
#### Generate a new CSR
|
227
224
|
|
228
|
-
Digicert gem usages a third party library to generate a CSR, and
|
229
|
-
included that
|
230
|
-
|
231
|
-
|
225
|
+
Digicert gem usages a third party library to generate a CSR, and this CLI
|
226
|
+
included that to simply the `CSR` generation, so if we need to generate a new
|
227
|
+
`CSR` then we can use the `csr generate` command and pass the order id with a
|
228
|
+
key file and it will generate a new CSR.
|
232
229
|
|
233
230
|
```sh
|
234
231
|
$ digicert csr generate --oreder-id 12345 --key /path/to/the/key-file.key
|
235
232
|
```
|
236
233
|
|
237
|
-
This
|
238
|
-
pass those as `--common-name` and `--san` and it will
|
239
|
-
|
234
|
+
This command also supports custom details like `common-name` and `san`. We can
|
235
|
+
pass those as `--common-name` and the `--san` and it will use those to generate
|
236
|
+
the `CSR`
|
240
237
|
|
241
238
|
```sh
|
242
239
|
$ digicert csr generate --common-name ribosetest.com --order-id 1234 \
|
@@ -299,3 +296,4 @@ This gem is developed, maintained and funded by [Ribose Inc.][riboseinc]
|
|
299
296
|
[Digicert CLI]: https://github.com/riboseinc/digicert-cli
|
300
297
|
[Digicert Ruby Client]: https://github.com/riboseinc/digicert
|
301
298
|
[check the wiki]: https://github.com/riboseinc/digicert-cli/wiki
|
299
|
+
[follow the instruction here]: https://www.digicert.com/rest-api
|
data/digicert-cli.gemspec
CHANGED
@@ -21,7 +21,7 @@ Gem::Specification.new do |spec|
|
|
21
21
|
spec.executables = "digicert"
|
22
22
|
|
23
23
|
spec.add_dependency "thor", "~> 0.19.4"
|
24
|
-
spec.add_dependency "digicert", "~> 0.
|
24
|
+
spec.add_dependency "digicert", "~> 0.2.0"
|
25
25
|
spec.add_dependency "openssl", ">= 2.0.3"
|
26
26
|
spec.add_dependency "terminal-table"
|
27
27
|
|
data/lib/digicert/cli/command.rb
CHANGED
@@ -1,6 +1,6 @@
|
|
1
|
-
require "digicert/cli/rcfile"
|
2
1
|
require "digicert/cli/commands/csr"
|
3
2
|
require "digicert/cli/commands/order"
|
3
|
+
require "digicert/cli/commands/config"
|
4
4
|
require "digicert/cli/commands/certificate"
|
5
5
|
|
6
6
|
module Digicert
|
@@ -15,10 +15,8 @@ module Digicert
|
|
15
15
|
desc "certificate", "Manage Digicert Certificates"
|
16
16
|
subcommand :certificate, Digicert::CLI::Commands::Certificate
|
17
17
|
|
18
|
-
desc "config
|
19
|
-
|
20
|
-
Digicert::CLI::RCFile.set_key(api_key)
|
21
|
-
end
|
18
|
+
desc "config", "Configure The CLI Client"
|
19
|
+
subcommand :config, Digicert::CLI::Commands::Config
|
22
20
|
end
|
23
21
|
end
|
24
22
|
end
|
@@ -15,10 +15,18 @@ module Digicert
|
|
15
15
|
desc "download [RSOURCE_OPTION]", "Download a certificate"
|
16
16
|
option :order_id, aliases: "-i", desc: "Digicert order ID"
|
17
17
|
option :certificate_id, aliases: "-c", desc: "The certificate ID"
|
18
|
-
|
18
|
+
|
19
|
+
option(
|
20
|
+
:output,
|
21
|
+
aliases: "-o",
|
22
|
+
default: Dir.pwd,
|
23
|
+
desc: "Path to download the certificate",
|
24
|
+
)
|
19
25
|
|
20
26
|
def download
|
21
|
-
say(certificate_instance.download)
|
27
|
+
required_option_exists? || say(certificate_instance.download)
|
28
|
+
rescue Digicert::Errors::RequestError
|
29
|
+
say("Invalid Resource ID")
|
22
30
|
end
|
23
31
|
|
24
32
|
desc "duplicates ORDER_ID", "List duplicate certificates"
|
@@ -31,6 +39,12 @@ module Digicert
|
|
31
39
|
def certificate_instance(id_attribute = {})
|
32
40
|
Digicert::CLI::Certificate.new(options.merge(id_attribute))
|
33
41
|
end
|
42
|
+
|
43
|
+
def required_option_exists?
|
44
|
+
unless options[:order_id] || options[:certificate_id]
|
45
|
+
say("You must provide either `--order_id` or `--certificate_id`.")
|
46
|
+
end
|
47
|
+
end
|
34
48
|
end
|
35
49
|
end
|
36
50
|
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
require "digicert/cli/rcfile"
|
2
|
+
|
3
|
+
module Digicert
|
4
|
+
module CLI
|
5
|
+
module Commands
|
6
|
+
class Config < Thor
|
7
|
+
desc "api-key API_KEY", "Configure Your Digicert API Key"
|
8
|
+
def api_key(api_key)
|
9
|
+
Digicert::CLI::RCFile.set_key(api_key)
|
10
|
+
end
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
@@ -21,7 +21,7 @@ module Digicert
|
|
21
21
|
end
|
22
22
|
|
23
23
|
desc "reissue ORDER_ID", "Reissue digicert order"
|
24
|
-
option :
|
24
|
+
option :csr, desc: "The CSR content from a file"
|
25
25
|
option :output, aliases: "-o", desc: "Path to download certificates"
|
26
26
|
|
27
27
|
def reissue(order_id)
|
@@ -19,7 +19,7 @@ module Digicert
|
|
19
19
|
attr_reader :csr_file, :output_path
|
20
20
|
|
21
21
|
def extract_local_attributes(options)
|
22
|
-
@csr_file = options.fetch(:
|
22
|
+
@csr_file = options.fetch(:csr, nil)
|
23
23
|
@output_path = options.fetch(:output, "/tmp")
|
24
24
|
end
|
25
25
|
|
@@ -32,7 +32,7 @@ module Digicert
|
|
32
32
|
order_params[:order_id] = order_id
|
33
33
|
|
34
34
|
if csr_file && File.exists?(csr_file)
|
35
|
-
order_params[:
|
35
|
+
order_params[:csr] = File.read(csr_file)
|
36
36
|
end
|
37
37
|
end
|
38
38
|
end
|
data/lib/digicert/cli/version.rb
CHANGED
data/lib/digicert/cli.rb
CHANGED
@@ -37,7 +37,7 @@ module Digicert
|
|
37
37
|
Thor::Shell::Basic.new.say(
|
38
38
|
"Invalid: Missing API KEY\n\n" \
|
39
39
|
"A valid Digicert API key is required for any of the CLI operation\n" \
|
40
|
-
"You can set your API Key using `digicert config
|
40
|
+
"You can set your API Key using `digicert config api-key YOUR_API_KEY`",
|
41
41
|
)
|
42
42
|
end
|
43
43
|
end
|
@@ -3,7 +3,7 @@ require "spec_helper"
|
|
3
3
|
RSpec.describe "Config" do
|
4
4
|
describe "configuring key" do
|
5
5
|
it "stores the provided api key" do
|
6
|
-
command = %w(config DIGICERT_SECRET_KEY)
|
6
|
+
command = %w(config api-key DIGICERT_SECRET_KEY)
|
7
7
|
allow(Digicert::CLI::RCFile).to receive(:set_key)
|
8
8
|
|
9
9
|
Digicert::CLI.start(command)
|
@@ -5,12 +5,12 @@ RSpec.describe "Order reissuing" do
|
|
5
5
|
context "reissue with new csr" do
|
6
6
|
it "reissues an order with the provided csr" do
|
7
7
|
mock_digicert_order_reissuer_create_message_chain
|
8
|
-
command = %w(order reissue 123456 --
|
8
|
+
command = %w(order reissue 123456 --csr ./spec/fixtures/rsa4096.csr)
|
9
9
|
|
10
10
|
Digicert::CLI.start(command)
|
11
11
|
|
12
12
|
expect(Digicert::CLI::OrderReissuer).to have_received(:new).
|
13
|
-
with(order_id: "123456",
|
13
|
+
with(order_id: "123456", csr: "./spec/fixtures/rsa4096.csr")
|
14
14
|
end
|
15
15
|
end
|
16
16
|
|
@@ -22,11 +22,11 @@ RSpec.describe Digicert::CLI::OrderReissuer do
|
|
22
22
|
allow(Digicert::OrderReissuer).to receive(:create)
|
23
23
|
|
24
24
|
Digicert::CLI::OrderReissuer.new(
|
25
|
-
order_id: order_id,
|
25
|
+
order_id: order_id, csr: csr_file,
|
26
26
|
).create
|
27
27
|
|
28
28
|
expect(Digicert::OrderReissuer).to have_received(:create).with(
|
29
|
-
order_id: order_id,
|
29
|
+
order_id: order_id, csr: File.read(csr_file),
|
30
30
|
)
|
31
31
|
end
|
32
32
|
end
|
@@ -62,13 +62,11 @@ RSpec.describe Digicert::CLI::OrderReissuer do
|
|
62
62
|
|
63
63
|
def order_attributes(order)
|
64
64
|
{
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
server_platform: { id: 45 },
|
71
|
-
},
|
65
|
+
common_name: order.certificate.common_name,
|
66
|
+
dns_names: order.certificate.dns_names,
|
67
|
+
csr: order.certificate.csr,
|
68
|
+
signature_hash: order.certificate.signature_hash,
|
69
|
+
server_platform: { id: 45 },
|
72
70
|
}
|
73
71
|
end
|
74
72
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: digicert-cli
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Ribose Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-10-16 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|
@@ -30,14 +30,14 @@ dependencies:
|
|
30
30
|
requirements:
|
31
31
|
- - "~>"
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 0.
|
33
|
+
version: 0.2.0
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - "~>"
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 0.
|
40
|
+
version: 0.2.0
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: openssl
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -149,6 +149,7 @@ files:
|
|
149
149
|
- lib/digicert/cli/certificate_downloader.rb
|
150
150
|
- lib/digicert/cli/command.rb
|
151
151
|
- lib/digicert/cli/commands/certificate.rb
|
152
|
+
- lib/digicert/cli/commands/config.rb
|
152
153
|
- lib/digicert/cli/commands/csr.rb
|
153
154
|
- lib/digicert/cli/commands/order.rb
|
154
155
|
- lib/digicert/cli/csr.rb
|