teecee1/acme-cert-dump-all.py

## acme-cert-dump-all.py
#!/usr/bin/env python
import argparse
import base64
import json
import os


def main():
    parser = argparse.ArgumentParser(
        description="Dump all certificates out of Traefik's acme.json file")
    parser.add_argument('acme_json', help='path to the acme.json file')
    parser.add_argument('dest_dir',
                        help='path to the directory to store the certificate')

    args = parser.parse_args()

    certs = read_certs(args.acme_json)

    print('Found certs for %d domains' % (len(certs)/2,))
    for domain, cert in certs.items():
        print('Writing cert for domain %s' % (domain,))
        write_cert(args.dest_dir, domain, cert)

    print('Done')


def write_cert(storage_dir, domain, cert_content):
    if domain[-3:] <>  'key':
        cert_path = os.path.join(storage_dir, '%s.pem' % (domain,))
    else:
        cert_path = os.path.join(storage_dir, '%s.key' % (domain[:-3],))

    with open(cert_path, 'wb', 0o660) as cert_file:
        cert_file.write(cert_content)

    if domain[-3:] <>  'key':
        os.chmod(cert_path, 0o666)
    else:
        os.chmod(cert_path, 0o600)


def read_certs(acme_json_path):
    with open(acme_json_path) as acme_json_file:
        acme_json = json.load(acme_json_file)

    certs_json = acme_json['myresolver']['Certificates']
    certs = {}
    for cert in certs_json:
        domain = cert['domain']['main']
        domain_cert = cert
        # Only get the first cert (should be the most recent)
        if domain not in certs:
            print("domain: %s " % (domain,))
#            aaa = base64.b64decode(domain_cert['certificate'])
#            certs[domain]       = b''.join(base64.b64decode(domain_cert['certificate']))
#            certs[domain+"key"] = b''.join(base64.b64decode(domain_cert['key']))
            certs[domain]       = to_pem_data(domain_cert,'certificate')
            certs[domain+'key'] = to_pem_data(domain_cert,'key')
        else:
            print("***** double domain: %s " % (domain,))

    return certs


def to_pem_data(json_cert, cert_key):
#    print(json_cert)
    return b''.join(base64.b64decode(json_cert[cert_key]))


if __name__ == '__main__':
    main()
	#!/usr/bin/env python
	import argparse
	import base64
	import json
	import os


	def main():
	parser = argparse.ArgumentParser(
	description="Dump all certificates out of Traefik's acme.json file")
	parser.add_argument('acme_json', help='path to the acme.json file')
	parser.add_argument('dest_dir',
	help='path to the directory to store the certificate')

	args = parser.parse_args()

	certs = read_certs(args.acme_json)

	print('Found certs for %d domains' % (len(certs)/2,))
	for domain, cert in certs.items():
	print('Writing cert for domain %s' % (domain,))
	write_cert(args.dest_dir, domain, cert)

	print('Done')


	def write_cert(storage_dir, domain, cert_content):
	if domain[-3:] <> 'key':
	cert_path = os.path.join(storage_dir, '%s.pem' % (domain,))
	else:
	cert_path = os.path.join(storage_dir, '%s.key' % (domain[:-3],))

	with open(cert_path, 'wb', 0o660) as cert_file:
	cert_file.write(cert_content)

	if domain[-3:] <> 'key':
	os.chmod(cert_path, 0o666)
	else:
	os.chmod(cert_path, 0o600)


	def read_certs(acme_json_path):
	with open(acme_json_path) as acme_json_file:
	acme_json = json.load(acme_json_file)

	certs_json = acme_json['myresolver']['Certificates']
	certs = {}
	for cert in certs_json:
	domain = cert['domain']['main']
	domain_cert = cert
	# Only get the first cert (should be the most recent)
	if domain not in certs:
	print("domain: %s " % (domain,))
	# aaa = base64.b64decode(domain_cert['certificate'])
	# certs[domain] = b''.join(base64.b64decode(domain_cert['certificate']))
	# certs[domain+"key"] = b''.join(base64.b64decode(domain_cert['key']))
	certs[domain] = to_pem_data(domain_cert,'certificate')
	certs[domain+'key'] = to_pem_data(domain_cert,'key')
	else:
	print("***** double domain: %s " % (domain,))

	return certs


	def to_pem_data(json_cert, cert_key):
	# print(json_cert)
	return b''.join(base64.b64decode(json_cert[cert_key]))


	if __name__ == '__main__':
	main()