jgamblin/digicert.sh

## digicert.sh
#!/bin/bash

#Required
apikey=*YourAPIKey*
domain=*YourOrgDomain*
commonname=$(hostname --fqdn)
orgid=*YourOrgID*
#OV or EV or Private
cert_type=ov

#Change to your company details
country=*YourCountry*
state=*YourState*
locality=*YourCity*
organization=*YourOrg*
organizationalunit=*YourOU*
email=*YourEmail*

#Clear The Screen to make it pretty.
printf "\033c"

#Optional
password=certkeypassword

#Generate a key
printf "Creating Key.\033[0K\r"
openssl genrsa -des3 -passout pass:$password -out $commonname.key 2048 -noout > /dev/null 2>&1

#Remove passphrase from the key. Uncomment the line to remove the passphrase
printf "Removing passphrase from key.\033[0K\r"
openssl rsa -in $commonname.key -passin pass:$password -out $commonname.key > /dev/null 2>&1

#Create the request
printf "Creating CSR.\033[0K\r"
openssl req -new -key $commonname.key -out $commonname.csr -passin pass:$password \
   -subj "/C=$country/ST=$state/L=$locality/O=$organization/OU=$organizationalunit/CN=$commonname/emailAddress=$email" > /dev/null 2>&1

#Fix CSR
csr=$(tr -d ' \t\n\r\f' <$commonname.csr )

#Setup Cert Request
request_cert=$(< <(cat <<EOF
{
  "certificate": {
    "common_name": "$commonname",
    "csr": "$csr",
    "organization_units": [
      "Data Center"
    ],
    "server_platform": {
      "id": 45
    },
    "signature_hash": "sha512"
  },
  "organization": {
    "id": $orgid
  },
  "product": {
    "type_hint": "$cert_type"
  },
  "validity_years": 3,
   "disable_issuance_email": "true",
  "disable_renewal_notifications": "true"
}
EOF
))

#Setup Cert Approval
request_issue=$(< <(cat <<EOF
{
  "status": "approved"
}
EOF
))

printf "Requesting DigiCert Cert.\033[0K\r"
echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Content-Type: application/json"' --data "'${request_cert}'" https://www.digicert.com/services/v2/order/certificate/ssl > order.txt
bash order.txt > ordered.txt
sleep 10

printf  "Approving Digicert Cert.\033[0K\r"
ordernumber=$(cat ordered.txt | tr ':' ',' | awk -F',' '$4 ~ /id/ {print $5}')
echo curl -s -X PUT -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Content-Type: application/json"' --data "'${request_issue}'"  "https://www.digicert.com/services/v2/request/${ordernumber}/status" > approve.txt
bash approve.txt
sleep 10

printf  "Getting Cert Number.\033[0K\r"
otherordernumber=$(cat ordered.txt | tr ':' ',' | awk -F',' '$4 ~ /id/ {print $2}')
echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Content-Type: application/json"'  "https://www.digicert.com/services/v2/order/certificate/${otherordernumber}" > cert.txt
bash cert.txt > certs.txt
#printf  "Sleeping For 60 Seconds To Allow Cert to Be Issued. \n"
secs=60
while [ $secs -gt 0 ]; do
   echo -ne "Sleeping for $secs Seconds To Allow Cert to Be Issued.\033[0K\r"
   sleep 1
   : $((secs--))
done
printf  "Downloading Certs.\033[0K\r"
certnumber=$(cat certs.txt | tr ':' ',' | awk -F',' '$4 ~ /id/ {print $5}')

#Uncomment for a P7B bundle of all the certs in a .p7b file
echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Accept: */*"' "https://www.digicert.com/services/v2/certificate/${certnumber}/download/format/p7b" --output $commonname.p7b > p7b.txt
bash p7b.txt

#Uncomment for Individual .crts (zipped)
echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Accept: */*"' "https://www.digicert.com/services/v2/certificate/${certnumber}/download/format/default" --output  $commonname.zip > zip.txt
bash zip.txt

#Uncomment for a single .pem file containing all the certs
echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Accept: */*"' "https://www.digicert.com/services/v2/certificate/${certnumber}/download/format/pem_all" --output  $commonname.pem > pem.txt
bash pem.txt

#Uncomment for a single .pem file containing all the certs except for the root
echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Accept: */*"' "https://www.digicert.com/services/v2/certificate/${certnumber}/download/format/pem_noroot" --output  $commonname.noroot.pem > pem_noroot.txt
bash pem_noroot.txt

mkdir -p commands
mv *.txt \commands
printf  "Done.\033[0K\r"
	#!/bin/bash

	#Required
	apikey=YourAPIKey
	domain=YourOrgDomain
	commonname=$(hostname --fqdn)
	orgid=YourOrgID
	#OV or EV or Private
	cert_type=ov

	#Change to your company details
	country=YourCountry
	state=YourState
	locality=YourCity
	organization=YourOrg
	organizationalunit=YourOU
	email=YourEmail

	#Clear The Screen to make it pretty.
	printf "\033c"

	#Optional
	password=certkeypassword

	#Generate a key
	printf "Creating Key.\033[0K\r"
	openssl genrsa -des3 -passout pass:$password -out $commonname.key 2048 -noout > /dev/null 2>&1

	#Remove passphrase from the key. Uncomment the line to remove the passphrase
	printf "Removing passphrase from key.\033[0K\r"
	openssl rsa -in $commonname.key -passin pass:$password -out $commonname.key > /dev/null 2>&1

	#Create the request
	printf "Creating CSR.\033[0K\r"
	openssl req -new -key $commonname.key -out $commonname.csr -passin pass:$password \
	-subj "/C=$country/ST=$state/L=$locality/O=$organization/OU=$organizationalunit/CN=$commonname/emailAddress=$email" > /dev/null 2>&1

	#Fix CSR
	csr=$(tr -d ' \t\n\r\f' <$commonname.csr )

	#Setup Cert Request
	request_cert=$(< <(cat <<EOF
	{
	"certificate": {
	"common_name": "$commonname",
	"csr": "$csr",
	"organization_units": [
	"Data Center"
	],
	"server_platform": {
	"id": 45
	},
	"signature_hash": "sha512"
	},
	"organization": {
	"id": $orgid
	},
	"product": {
	"type_hint": "$cert_type"
	},
	"validity_years": 3,
	"disable_issuance_email": "true",
	"disable_renewal_notifications": "true"
	}
	EOF
	))

	#Setup Cert Approval
	request_issue=$(< <(cat <<EOF
	{
	"status": "approved"
	}
	EOF
	))

	printf "Requesting DigiCert Cert.\033[0K\r"
	echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Content-Type: application/json"' --data "'${request_cert}'" https://www.digicert.com/services/v2/order/certificate/ssl > order.txt
	bash order.txt > ordered.txt
	sleep 10

	printf "Approving Digicert Cert.\033[0K\r"
	ordernumber=$(cat ordered.txt \| tr ':' ',' \| awk -F',' '$4 ~ /id/ {print $5}')
	echo curl -s -X PUT -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Content-Type: application/json"' --data "'${request_issue}'" "https://www.digicert.com/services/v2/request/${ordernumber}/status" > approve.txt
	bash approve.txt
	sleep 10

	printf "Getting Cert Number.\033[0K\r"
	otherordernumber=$(cat ordered.txt \| tr ':' ',' \| awk -F',' '$4 ~ /id/ {print $2}')
	echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Content-Type: application/json"' "https://www.digicert.com/services/v2/order/certificate/${otherordernumber}" > cert.txt
	bash cert.txt > certs.txt
	#printf "Sleeping For 60 Seconds To Allow Cert to Be Issued. \n"
	secs=60
	while [ $secs -gt 0 ]; do
	echo -ne "Sleeping for $secs Seconds To Allow Cert to Be Issued.\033[0K\r"
	sleep 1
	: $((secs--))
	done
	printf "Downloading Certs.\033[0K\r"
	certnumber=$(cat certs.txt \| tr ':' ',' \| awk -F',' '$4 ~ /id/ {print $5}')

	#Uncomment for a P7B bundle of all the certs in a .p7b file
	echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Accept: /"' "https://www.digicert.com/services/v2/certificate/${certnumber}/download/format/p7b" --output $commonname.p7b > p7b.txt
	bash p7b.txt

	#Uncomment for Individual .crts (zipped)
	echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Accept: /"' "https://www.digicert.com/services/v2/certificate/${certnumber}/download/format/default" --output $commonname.zip > zip.txt
	bash zip.txt

	#Uncomment for a single .pem file containing all the certs
	echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Accept: /"' "https://www.digicert.com/services/v2/certificate/${certnumber}/download/format/pem_all" --output $commonname.pem > pem.txt
	bash pem.txt

	#Uncomment for a single .pem file containing all the certs except for the root
	echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Accept: /"' "https://www.digicert.com/services/v2/certificate/${certnumber}/download/format/pem_noroot" --output $commonname.noroot.pem > pem_noroot.txt
	bash pem_noroot.txt

	mkdir -p commands
	mv *.txt \commands
	printf "Done.\033[0K\r"