acme-downloader
Fetches and stores a given Certificate, Full Chain, CA and Private Keynodes
It is meant to be used in conjunction with Geant ACME infrastructure
usage
you can use the tool as following:
acme-downloader --vault-token=<VAULT-TOKEN> --redis-token=<REDIS_TOKEN> \
--cert-name=foo-ev-cert.geant.org --team-name=swd
If the certificate is being replaced, the tool throws an exit status equal to 64 and you can reload your application.
You can check all the options using --help
:
ACME Downloader:
- fetches and stores a given Certificate, Full Chain, CA and Private Key
Usage:
acme-downloader --redis-token=REDISTOKEN --vault-token=VAULTTOKEN --cert-name=CERTNAME --team-name=TEAMNAME [--days=DAYS] [--type=TYPE] [--cert-destination=CERTDESTINATION] [--fullchain-destination=FULLCHAINDESTINATION] [--key-destination=KEYDESTINATION] [--ca-destination=CADESTINATION]
acme-downloader -v | --version
acme-downloader -b | --build
acme-downloader -h | --help
Options:
-h --help Show this screen
-v --version Print version exit
-b --build Print version and build information and exit
--redis-token=REDISTOKEN Redis access token
--vault-token=VAULTTOKEN Vault access token
--cert-name=CERTNAME Certificate name
--team-name=TEAMNAME Team name: swd, dream_team, it, ne, ti...
--days=DAYS Days before expiration [default: 30]
--type=TYPE Type, EV or OV [default: EV]
--cert-destination=CERTDESTINATION Cert Destination [default: /etc/ssl/certs/<cert-name>.crt]
--fullchain-destination=FULLCHAINDESTINATION Full Chain Destination[default: /etc/ssl/certs/<cert-name>_fullchain.crt]
--key-destination=KEYDESTINATION Key Destination [default: /etc/ssl/private/<cert-name>.key]
--ca-destination=CADESTINATION CA Destination [default: /etc/ssl/certs/COMODO_<type>.crt]
--wildcard The certificate type is wildcard```
compatibility
Maybe 43 different platforms but tested only on Linux and Windows.
build
It compiles on several platforms and architectures.
Please run the script in this repository to check all available options:
./build.sh --help