@thiagovsk
Created August 23, 2017 16:44
require 'openssl'
require 'fileutils'
require 'acme-client'

ENV['SSL_ADDR'] = '2804.7f3.8481.3cf7.x.4.ip6.name'
ENV['APPLICATION_ENV'] = 'development'

CERT_DIR = 'keystore/https-certificates'

puts 'Registering client'
# Account key for the ACME registration (the certificate gets its own key below).
private_key = OpenSSL::PKey::RSA.new(4096)

# The staging endpoint issues untrusted test certificates.
#if ENV['APPLICATION_ENV'] == :production.to_s
#  endpoint = 'https://acme-v01.api.letsencrypt.org/'
#else
endpoint = 'https://acme-staging.api.letsencrypt.org/'
#end

# Initialize the client
client = Acme::Client.new(
  private_key: private_key,
  endpoint: endpoint,
  connection_options: { request: { open_timeout: 5, timeout: 5 } }
)
registration = client.register(contact: 'mailto:contact@example.com')
registration.agree_terms

####### AUTHORIZING THE CLIENT
puts 'Authorizing client to generate certificates'
authorization = client.authorize(domain: ENV['SSL_ADDR'])
challenge = authorization.dns01

# dns-01: the TXT record must be published before verification is requested.
# This prompt replaces the byebug breakpoint that was used as a manual pause.
puts "Create DNS record: #{challenge.record_name}.#{ENV['SSL_ADDR']} " \
     "#{challenge.record_type} #{challenge.record_content}"
puts 'Press Enter once the record is published'
$stdin.gets

challenge.request_verification

status = nil
loop do
  puts '- Waiting authorization check'
  sleep(1)
  status = challenge.authorization.verify_status
  puts "-- Status: #{status}"
  raise "Let's Encrypt failed with error: #{challenge.error}" unless challenge.error.nil?
  break if status != 'pending'
end
# Do not request a certificate for an authorization that did not validate.
raise "Authorization not valid (status: #{status})" unless status == 'valid'

####### GENERATE CERTIFICATE IF DOES NOT EXIST
puts 'Generating certificate'
csr = Acme::Client::CertificateRequest.new(names: [ENV['SSL_ADDR']])
certificate = client.new_certificate(csr)

puts 'Writing certificates'
# A dns-01 challenge has no filename/file_content (those belong to http-01),
# so no challenge file is written under public/.
FileUtils.mkdir_p(CERT_DIR)
# Private key file is created with mode 0600 (owner read/write only).
File.write(File.join(CERT_DIR, 'privkey.pem'), certificate.request.private_key.to_pem, perm: 0o600)
File.write(File.join(CERT_DIR, 'cert.pem'), certificate.to_pem)
File.write(File.join(CERT_DIR, 'chain.pem'), certificate.chain_to_pem)
File.write(File.join(CERT_DIR, 'fullchain.pem'), certificate.fullchain_to_pem)
puts 'Finished'