# acme-downloader

1. [usage](#usage)
1. [compatibility](#compatibility)
1. [build](#build)

Fetches and stores a given Certificate, Full Chain, CA and Private Key.

It is meant to be used in conjunction within the Geant ACME infrastructure.

## usage

you can use the tool as following:

```bash
acme-downloader --vault-token=<VAULT-TOKEN> --redis-token=<REDIS_TOKEN> \
    --cert-name=foo-ev-cert.geant.org --team-name=swd
```

<span style="text-decoration: underline">If the certificate is being replaced, the tool throws an exit status equal to 64 and you can reload your application in order to use the new certificate.</span>

You can check all the options using `--help`:

```bash
ACME Downloader:
  - fetches and stores a given Certificate, Full Chain, CA and Private Key

Usage:
  acme-downloader --redis-token=REDISTOKEN --vault-token=VAULTTOKEN --cert-name=CERTNAME --team-name=TEAMNAME [--days=DAYS] [--type=TYPE] [--cert-destination=CERTDESTINATION] [--fullchain-destination=FULLCHAINDESTINATION] [--key-destination=KEYDESTINATION] [--ca-destination=CADESTINATION]
  acme-downloader -h | --help
  acme-downloader -v | --version
  acme-downloader -b | --build

Options:
  -h --help                                     Show this screen
  -v --version                                  Print version information and exit
  -b --build                                    Print version and build information and exit
  --redis-token=REDISTOKEN                      Redis access token
  --vault-token=VAULTTOKEN                      Vault access token
  --cert-name=CERTNAME                          Certificate name
  --team-name=TEAMNAME                          Team name: swd, dream_team, it, ne, ti...
  --days=DAYS                                   Days before expiration [default: 30]
  --type=TYPE                                   Type, EV or OV [default: EV]
  --cert-destination=CERTDESTINATION            Cert Destination [default: /etc/ssl/certs/<cert-name>.crt]
  --fullchain-destination=FULLCHAINDESTINATION  Full Chain Destination[default: /etc/ssl/certs/<cert-name>_fullchain.crt]
  --key-destination=KEYDESTINATION              Key Destination [default: /etc/ssl/private/<cert-name>.key]
  --ca-destination=CADESTINATION                CA Destination [default: /etc/ssl/certs/COMODO_<type>.crt]
  --wildcard                                    The certificate type is wildcard
```

## compatibility

Maybe 43 different platforms but tested on Linux and Windows only.

## build

It compiles on several platforms and architectures.

Please run the script in this repository to check all available options:

```bash
./build.sh --help
```