letsencrypt-cli 0.2.0 → 0.3.0
- checksums.yaml +4 -4
- data/.travis.yml +3 -1
- data/CHANGELOG.md +64 -0
- data/letsencrypt-cli.gemspec +1 -1
- data/lib/letsencrypt/cli/acme_wrapper.rb +33 -10
- data/lib/letsencrypt/cli/app.rb +7 -0
- data/lib/letsencrypt/cli/version.rb +1 -1
- metadata +6 -5
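--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a5daeb88cfefed35938043bd207c5f0da83e5459
+data.tar.gz: c957d6ef5ff7b213b7c20e6d0cd1d29f71da898f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ca8f5bdbd2f673933c945bec5a952e327aa20e96c9e51c9e14d27c1eb9ccbe52fad6c0a4df1c721310d545a28c1613830203f7034601a62d64bd60f08e748a1c
+data.tar.gz: 289b3b107fae7f86377a1606debc2dbccbd3eecdeecf128a1efb4c44fbc781acb2b2bc1230d9b152b30e0e12316d2a987175298639a847aa5c9f892ae3150760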
data/.travis.yml
CHANGED
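--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -0,0 +1,64 @@
+# Change Log
+
+## [v0.3.0](https://github.com/zealot128/ruby-letsencrypt-cli/tree/v0.3.0)
+
+* Certificate creation checks if existing certificate includes all requested domains. If at least one is missing, a new cert will be requested
+* Added Ruby 2.3.0 and Ruby head to the build matrix
+
+[Full Changelog](https://github.com/zealot128/ruby-letsencrypt-cli/compare/v0.2.0...v0.3.0)
+
+## [v0.2.0](https://github.com/zealot128/ruby-letsencrypt-cli/tree/v0.2.0)
+
+[Full Changelog](https://github.com/zealot128/ruby-letsencrypt-cli/compare/v0.1.4...v0.2.0)
+
+**Closed issues:**
+
+- cf1e0d9 Exit code 2, if certificate is still valid
+
+**Merged pull requests:**
+
+- Apply strict permissions on private key [\#4](https://github.com/zealot128/ruby-letsencrypt-cli/pull/4) ([zygiss](https://github.com/zygiss))
+- Fix typo in README [\#2](https://github.com/zealot128/ruby-letsencrypt-cli/pull/2) ([kenrick](https://github.com/kenrick))
+
+## [v0.1.4](https://github.com/zealot128/ruby-letsencrypt-cli/tree/v0.1.4) (2015-12-08)
+
+* require higher acme-client version, that generated correct fullchain certs.
+fullchain.pem is chain.pem + cert.pem, should be cert.pem + chain.pem [\#1](https://github.com/zealot128/ruby-letsencrypt-cli/issues/1)
+
+[Full Changelog](https://github.com/zealot128/ruby-letsencrypt-cli/compare/v0.1.3...v0.1.4)
+
+## [v0.1.3](https://github.com/zealot128/ruby-letsencrypt-cli/tree/v0.1.3) (2015-12-06)
+
+* Fixed registration
+* Added various specs
+
+[Full Changelog](https://github.com/zealot128/ruby-letsencrypt-cli/compare/v0.1.2...v0.1.3)
+
+## [v0.1.2](https://github.com/zealot128/ruby-letsencrypt-cli/tree/v0.1.2) (2015-12-05)
+
+* Added manage command
+* Improved nginx doc + Ruby installation
+
+[Full Changelog](https://github.com/zealot128/ruby-letsencrypt-cli/compare/v0.1.1...v0.1.2)
+
+## [v0.1.1](https://github.com/zealot128/ruby-letsencrypt-cli/tree/v0.1.1) (2015-12-05)
+
+[Full Changelog](https://github.com/zealot128/ruby-letsencrypt-cli/compare/v0.1.0...v0.1.1)
+
+* b654469 new command: check PATH_TO_CERT
+
+## [v0.1.0](https://github.com/zealot128/ruby-letsencrypt-cli/tree/v0.1.0) (2015-12-05)
+
+* released first public version
+* added --version flag
+* added explicit production server
+
+[Full Changelog](https://github.com/zealot128/ruby-letsencrypt-cli/compare/v0.1.0.beta1...v0.1.0)
+
+## [v0.1.0.beta1](https://github.com/zealot128/ruby-letsencrypt-cli/tree/v0.1.0.beta1) (2015-12-05)
+[Full Changelog](https://github.com/zealot128/ruby-letsencrypt-cli/compare/v0.1.0.pre...v0.1.0.beta1)
+
+## [v0.1.0.pre](https://github.com/zealot128/ruby-letsencrypt-cli/tree/v0.1.0.pre) (2015-12-05)
+
+
+\* *This Change Log was (partially) automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*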
data/letsencrypt-cli.gemspec
CHANGED
@@ -19,7 +19,7 @@ Gem::Specification.new do |spec|
|
|
19
19
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
20
20
|
spec.require_paths = ["lib"]
|
21
21
|
|
22
|
-
spec.add_runtime_dependency 'acme-client', '>= 0.2.
|
22
|
+
spec.add_runtime_dependency 'acme-client', '>= 0.2.4'
|
23
23
|
spec.add_runtime_dependency 'thor'
|
24
24
|
spec.add_runtime_dependency 'colorize'
|
25
25
|
|
@@ -53,7 +53,7 @@ class AcmeWrapper
|
|
53
53
|
end
|
54
54
|
|
55
55
|
def cert(domains)
|
56
|
-
return if
|
56
|
+
return if certificate_exists_and_valid_and_all_domains_included?(domains)
|
57
57
|
csr = OpenSSL::X509::Request.new
|
58
58
|
certificate_private_key = find_or_create_pkey(@options[:private_key_path], "private key", @options[:key_length] || 2048)
|
59
59
|
|
@@ -105,18 +105,41 @@ class AcmeWrapper
|
|
105
105
|
end
|
106
106
|
end
|
107
107
|
|
108
|
+
def revoke_certificate(path)
|
109
|
+
unless File.exists?(path)
|
110
|
+
log "Certificate #{path} does not exists", :warn
|
111
|
+
return false
|
112
|
+
end
|
113
|
+
cert = OpenSSL::X509::Certificate.new(File.read(path))
|
114
|
+
if client.revoke_certificate(cert)
|
115
|
+
log "Certificate '#{path}' was revoked", :info
|
116
|
+
end
|
117
|
+
true
|
118
|
+
rescue Acme::Client::Error::Malformed => e
|
119
|
+
log e.message, :error
|
120
|
+
return false
|
121
|
+
end
|
122
|
+
|
108
123
|
private
|
109
124
|
|
110
|
-
def
|
111
|
-
if File.exists?(@options[:certificate_path])
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
125
|
+
def certificate_exists_and_valid_and_all_domains_included?(domains)
|
126
|
+
return false if !File.exists?(@options[:certificate_path])
|
127
|
+
cert = OpenSSL::X509::Certificate.new(File.read(@options[:certificate_path]))
|
128
|
+
domains_in_cert = cert.extensions.map(&:to_h).select{|i| i['oid'] == 'subjectAltName' }.map{|i| i['value']}.join(', ').split(/, */).map{|i| i.sub(/^DNS:/, '') } +
|
129
|
+
[ cert.subject.to_s.sub(%r{/CN=}, '') ].uniq.sort
|
130
|
+
missing_domains = domains.sort.uniq - domains_in_cert
|
131
|
+
if missing_domains != []
|
132
|
+
log "Certificate '#{@options[:certificate_path]}' missing domains #{missing_domains.join(' ')}. Existing: #{domains_in_cert.join(' ')}", :warn
|
133
|
+
return false
|
119
134
|
end
|
135
|
+
renew_on = cert.not_after.to_date - @options[:days_valid]
|
136
|
+
if renew_on > Date.today
|
137
|
+
log "Certificate '#{@options[:certificate_path]}' still valid till #{cert.not_after.to_date}.", :warn
|
138
|
+
log "Won't renew until #{renew_on} (#{@options[:days_valid]} days before)", :warn
|
139
|
+
exit 2
|
140
|
+
end
|
141
|
+
|
142
|
+
true
|
120
143
|
end
|
121
144
|
|
122
145
|
def endpoint
|
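Review bot: The trailing `true` in `certificate_exists_and_valid_and_all_domains_included?` makes `cert` skip issuance exactly when renewal is due. With the certificate file present, every requested domain covered and `renew_on <= Date.today`, the predicate returns `true`, and the new guard `return if certificate_exists_and_valid_and_all_domains_included?(domains)` leaves `cert` before the CSR is built, so the certificate is left to expire. The still-valid case never returns (it calls `exit 2`), so every path that reaches the end of the method should fall through to issuance; change the last expression to `false`, and consider moving the `exit 2` out of a `?` predicate into the caller. Separately, `.uniq.sort` binds only to the one-element CN array because of `+` precedence, and `sub(%r{/CN=}, '')` keeps any other subject components, so a comment stating that a bare `/CN=…` subject is assumed would help. The rest of `cert` lies outside the hunk.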
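--- a/data/lib/letsencrypt/cli/app.rb
+++ b/data/lib/letsencrypt/cli/app.rb
@@ -71,6 +71,13 @@ module Letsencrypt
 end
 end
 
+desc "revoke PATH_TO_CERTIFICATE", "revokes a given certificate"
+def revoke(path)
+if !wrapper.revoke_certificate(path)
+exit 1
+end
+end
+
 desc "manage DOMAINS", "meta command that will: check if cert already exists / still valid (exits zero if nothing todo, exits 2 if certificate is still valid) + authorize given domains + issue certificate for given domains"
 method_option :key_length, desc: "Length of private key", default: 2048, type: :numeric
 method_option :days_valid, desc: "If the --certificate-path already exists, only create new stuff, if that certificate isn't valid for less than the given number of days", default: 30, type: :numeric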
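--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: letsencrypt-cli
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.3.0
 platform: ruby
 authors:
 - Stefan Wienert
 autorequire:
 bindir: exe
 cert_chain: []
-date:
+date: 2016-05-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: acme-client
@@ -16,14 +16,14 @@ dependencies:
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.4
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.4
 - !ruby/object:Gem::Dependency
 name: thor
 requirement: !ruby/object:Gem::Requirement
@@ -175,6 +175,7 @@ files:
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
+- CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -208,7 +209,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.4.8
 signing_key:
 specification_version: 4
 summary: slim letsencrypt client for quickly authorizing (multiple) domains and issuing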