Skip to content
Snippets Groups Projects
Massimiliano Adamo's avatar
Massimiliano Adamo authored
8276bed0
History

acme-downloader

  1. usage
  2. compatibility
  3. build

Fetches and stores a given Certificate, Full Chain, CA and Private Key.

It is meant to be used in conjunction within the Geant ACME infrastructure.

usage

you can use the tool as following:

acme-downloader --vault-token=<VAULT-TOKEN> --redis-token=<REDIS_TOKEN> \
    --cert-name=foo-ev-cert.geant.org --team-name=swd

If the certificate is being replaced, the tool throws an exit status equal to 64 and you can reload your application in order to use the new certificate.

You can check all the options using --help:

ACME Downloader:
  - fetches and stores a given Certificate, Full Chain, CA and Private Key

Usage:
  acme-downloader --redis-token=REDISTOKEN --vault-token=VAULTTOKEN --cert-name=CERTNAME --team-name=TEAMNAME [--days=DAYS] [--type=TYPE] [--cert-destination=CERTDESTINATION] [--fullchain-destination=FULLCHAINDESTINATION] [--key-destination=KEYDESTINATION] [--ca-destination=CADESTINATION]
  acme-downloader -h | --help
  acme-downloader -v | --version
  acme-downloader -b | --build

Options:
  -h --help                                     Show this screen
  -v --version                                  Print version information and exit
  -b --build                                    Print version and build information and exit
  --redis-token=REDISTOKEN                      Redis access token
  --vault-token=VAULTTOKEN                      Vault access token
  --cert-name=CERTNAME                          Certificate name
  --team-name=TEAMNAME                          Team name: swd, dream_team, it, ne, ti...
  --days=DAYS                                   Days before expiration [default: 30]
  --type=TYPE                                   Type, EV or OV [default: EV]
  --cert-destination=CERTDESTINATION            Cert Destination [default: /etc/ssl/certs/<cert-name>.crt]
  --fullchain-destination=FULLCHAINDESTINATION  Full Chain Destination[default: /etc/ssl/certs/<cert-name>_fullchain.crt]
  --key-destination=KEYDESTINATION              Key Destination [default: /etc/ssl/private/<cert-name>.key]
  --ca-destination=CADESTINATION                CA Destination [default: /etc/ssl/certs/COMODO_<type>.crt]
  --wildcard                                    The certificate type is wildcard

compatibility

Maybe 43 different platforms but tested on Linux and Windows only.

build

It compiles on several platforms and architectures.

Please run the script in this repository to check all available options:

./build.sh --help