@solisoft
Forked from technion/acme-client-runner.rb
Last active October 29, 2015 08:04
Runs Acme Client
#!/usr/bin/env ruby
require 'acme-client'
require 'fileutils'
require 'openssl'

# Production
#ENDPOINT = 'https://acme-v01.api.letsencrypt.org'
# Testing
ENDPOINT = 'https://acme-staging.api.letsencrypt.org'
EMAIL = 'mailto:technion@lolware.net'
DOMAIN = 'lolware.net'
WEBROOT = '/var/www/html/'
ACCOUNT_FILE = 'account_key.pem'

if File.exist?(ACCOUNT_FILE)
  puts "Using existing account.."
  private_key = OpenSSL::PKey::RSA.new(File.read(ACCOUNT_FILE))
  client = Acme::Client.new(private_key: private_key, endpoint: ENDPOINT)
else
  puts "Account file does not exist, creating new"
  private_key = OpenSSL::PKey::RSA.new 4096
  # The account key controls the ACME registration, so create the file
  # owner-only (0600; the mode applies when the file is created).
  File.open(ACCOUNT_FILE, 'w', 0600) do |io|
    io.write private_key.to_pem
  end
  client = Acme::Client.new(private_key: private_key, endpoint: ENDPOINT)
  registration = client.register(contact: EMAIL)
  registration.agree_terms
end

puts "Creating verification file"
# Creating sub folders if needed
FileUtils.mkdir_p WEBROOT + '.well-known/acme-challenge'
simple_http = client.authorize(domain: DOMAIN).simple_http
# The challenge file has to be readable by the web server, so it keeps
# the default permissions.
File.open(WEBROOT + simple_http.filename, 'w') do |io|
  io.write simple_http.file_content
end
simple_http.request_verification

# Poll until the CA has finished checking the challenge
status = simple_http.verify_status
while status == 'pending'
  sleep(1)
  status = simple_http.verify_status
end
File.delete(WEBROOT + simple_http.filename)
# Stop here if the challenge did not validate instead of requesting a certificate anyway
abort "Verification failed (status: #{status})" unless status == 'valid'

puts "Status verified, creating certificate"
csr = OpenSSL::X509::Request.new
certificate_private_key = OpenSSL::PKey::RSA.new(2048)
csr.subject = OpenSSL::X509::Name.new [['CN', DOMAIN, OpenSSL::ASN1::UTF8STRING]]
csr.public_key = certificate_private_key.public_key
csr.sign(certificate_private_key, OpenSSL::Digest::SHA256.new)

puts "Writing out ssl_cert.pem and ssl_private_key.pem"
ssl = client.new_certificate(csr)
# The certificate's private key is also written owner-only (0600)
File.open('ssl_private_key.pem', 'w', 0600) do |io|
  io.write certificate_private_key.to_pem
end
# The certificate itself is public
File.open('ssl_cert.pem', 'w') do |io|
  io.write ssl.to_pem
end