Skip to content
Snippets Groups Projects

acme-downloader

  1. usage
  2. compatibility
  3. build

Fetches and stores a given Certificate, Full Chain, CA and Private Keynodes

It is meant to be used in conjunction with Geant ACME infrastructure

usage

you can use the tool as following:

acme-downloader --vault-token=<VAULT-TOKEN> --redis-token=<REDIS_TOKEN> \
    --cert-name=foo-ev-cert.geant.org --team-name=swd

If the certificate is being replaced, the tool throws an exit status equal to 64 and you can reload your application.

You can check all the options using --help:

ACME Downloader:
  - fetches and stores a given Certificate, Full Chain, CA and Private Key

Usage:
  acme-downloader --redis-token=REDISTOKEN --vault-token=VAULTTOKEN --cert-name=CERTNAME --team-name=TEAMNAME [--days=DAYS] [--type=TYPE] [--cert-destination=CERTDESTINATION] [--fullchain-destination=FULLCHAINDESTINATION] [--key-destination=KEYDESTINATION] [--ca-destination=CADESTINATION]
  acme-downloader -v | --version
  acme-downloader -b | --build
  acme-downloader -h | --help

Options:
  -h --help                                     Show this screen
  -v --version                                  Print version exit
  -b --build                                    Print version and build information and exit
  --redis-token=REDISTOKEN                      Redis access token
  --vault-token=VAULTTOKEN                      Vault access token
  --cert-name=CERTNAME                          Certificate name
  --team-name=TEAMNAME                          Team name: swd, dream_team, it, ne, ti...
  --days=DAYS                                   Days before expiration [default: 30]
  --type=TYPE                                   Type, EV or OV [default: EV]
  --cert-destination=CERTDESTINATION            Cert Destination [default: /etc/ssl/certs/<cert-name>.crt]
  --fullchain-destination=FULLCHAINDESTINATION  Full Chain Destination[default: /etc/ssl/certs/<cert-name>_fullchain.crt]
  --key-destination=KEYDESTINATION              Key Destination [default: /etc/ssl/private/<cert-name>.key]
  --ca-destination=CADESTINATION                CA Destination [default: /etc/ssl/certs/COMODO_<type>.crt]
  --wildcard                                    The certificate type is wildcard```

compatibility

Maybe 43 different platforms but tested only on Linux and Windows.

build

It compiles on several platforms and architectures.

Please run the script in this repository to check all available options:

./build.sh --help