letsencrypt-cli 0.1.0 → 0.1.1
- checksums.yaml +4 -4
- data/README.md +9 -1
- data/lib/letsencrypt/cli/acme_wrapper.rb +16 -1
- data/lib/letsencrypt/cli/app.rb +8 -1
- data/lib/letsencrypt/cli/version.rb +1 -1
- metadata +1 -1
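--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7251081d8f3dd853b125c43b1fa7db980e7db06e
+data.tar.gz: 684292ac3a356c97695d54844569c71360ad2031
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 36698d3993b69182c14159541c3cdac47b2adc81b6bbe1e151c831d1c30f9c5fc7b11d6c7966d3eb20d30c9ae8d08de876d286e14e83e466028acf4fdfcd3ef4
+data.tar.gz: 7058f1ce08fa09ef1516de2958da9d410c0a73fbff267385349dee97823e116bda8305ce9b99b9175b0df5a9b558506d79a6a1e5447cdf2600a540abe401e84a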
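--- a/data/README.md
+++ b/data/README.md
@@ -38,14 +38,22 @@ letsencrypt-cli authorize_all -t --webroot-path /var/www/default
 
 # create a certificate for before authorized domains.
 # the first domain will be the cn subject. All other are subjectAlternateName
+# if cert.pem already exists, will only create a new one if the old is expired
+# (30 days before expiration) -> see full help
+letsencrypt-cli help cert
+
 letsencrypt-cli cert -t example.com www.example.com somdir.example.com
 # will create key.pem fullchain.pem chain.pem and cert.pem
+
+
+# checks validation date of given certificate. Exists non-zero if not exists or
+# will expire in 30 days
+letsencrypt-cli check --days-valid 30 cert.pem
 ```
 
 
 ## Example integration nginx:
 
-
 ```nginx
 server {
 listen 80;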
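--- a/data/lib/letsencrypt/cli/acme_wrapper.rb
+++ b/data/lib/letsencrypt/cli/acme_wrapper.rb
@@ -1,6 +1,5 @@
 require 'json'
 require 'acme-client'
-require 'pry'
 
 class AcmeWrapper
 def initialize(options)
@@ -90,6 +89,22 @@ class AcmeWrapper
 log "Certificate valid until: #{certificate.x509.not_after}"
 end
 
+def check_certificate(path)
+unless File.exists?(path)
+log "Certificate #{path} does not exists", :warn
+return false
+end
+cert = OpenSSL::X509::Certificate.new(File.read(path))
+renew_on = cert.not_after.to_date - @options[:days_valid]
+log "Certificate '#{path}' valid until #{cert.not_after.to_date}.", :info
+if Date.today >= renew_on
+log "Certificate '#{path}' should be renewed!", :warn
+return false
+else
+true
+end
+end
+
 private
 
 def certificate_exists_and_valid?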
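Review bot: A file that exists but does not parse as a certificate makes `check_certificate` (new lines 92–106) raise out of `OpenSSL::X509::Certificate.new(File.read(path))` instead of logging and returning false as the missing-file branch does, so a cron or monitoring caller gets a stack trace rather than the warning. I would close the method with `rescue OpenSSL::X509::CertificateError, SystemCallError => e`, then `log "Certificate '#{path}' could not be read: #{e.message}", :warn` and `false`; that also covers the file vanishing or being unreadable between the existence test and the read. `File.exists?` is a deprecated alias that newer Ruby releases no longer provide, so `File.exist?(path)` is the spelling to use. The comparison puts `cert.not_after.to_date` next to the local `Date.today`, so the renewal threshold may shift by a day depending on the host's time zone; a short comment stating which zone is intended would help.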
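--- a/data/lib/letsencrypt/cli/app.rb
+++ b/data/lib/letsencrypt/cli/app.rb
@@ -62,8 +62,15 @@ module Letsencrypt
 wrapper.cert(domains)
 end
 
-
+desc "check PATH_TO_CERTIFICATE", "checks, if a given certificate exists and is valid until DAYS_VALID"
+method_option :days_valid, desc: "If the --certificate-path already exists, only create new stuff, if that certificate isn't valid for less than the given number of days", default: 30, type: :numeric
+def check(path)
+if !wrapper.check_certificate(path)
+exit 1
+end
+end
 
+map %w[--version -v] => :__print_version
 desc "--version, -v", "print the version"
 def __print_version
 puts Letsencrypt::Cli::VERSION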
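Review bot: The `--days-valid` help text on the new `check` command (new line 66) describes a different operation: it mentions `--certificate-path` and creating "new stuff", while `check` only inspects the file and exits 1. Something like `desc: "Exit non-zero if the certificate expires within this many days"` would tell a monitoring caller what the exit status means. The option is `type: :numeric` with no lower bound visible in this hunk, so a zero or negative value is accepted and removes the early-warning window; a guard or a sentence in the help text would make that explicit. `wrapper` is defined outside the hunk, so whether it is built with the `check` options cannot be confirmed from here. As a style point, the three-line `if !…` body reads more simply as `exit 1 unless wrapper.check_certificate(path)`.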