kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/lib/gitlab/lets_encrypt/order.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

40 lines
848 B
Ruby
Raw Normal View History

Add Let's Encrypt client Part of adding Let's Encrypt certificates for pages domains Add acme-client gem Client is being initialized by private key stored in secrets.yml Let's Encrypt account is being created lazily. If it's already created, Acme::Client just gets account_kid by calling new_account method Make Let's Encrypt client an instance Wrap order and challenge classes
2019-05-16 05:32:25 -04:00
# frozen_string_literal: true
module Gitlab
module LetsEncrypt
class Order
def initialize(acme_order)
@acme_order = acme_order
end
def new_challenge
challenge = authorization.http
::Gitlab::LetsEncrypt::Challenge.new(challenge)
end
Add pages domains acme orders Extract acme double to helper Create ACME challanges for pages domains * Create order & challange through API * save them to database * request challenge validation We're saving order and challenge as one entity, that wouldn't be correct if we would order certificates for several domains simultaneously, but we always order certificate per domain Add controller for processing acme challenges redirected from pages Don't save acme challenge url - we don't use it Validate acme challenge attributes Encrypt private_key in acme orders
2019-06-06 14:55:31 -04:00
def request_certificate(domain:, private_key:)
csr = ::Acme::Client::CertificateRequest.new(
private_key: OpenSSL::PKey.read(private_key),
subject: { common_name: domain }
)
acme_order.finalize(csr: csr)
end
Add latest changes from gitlab-org/gitlab@master
2020-03-30 14:08:07 -04:00
def challenge_error
authorization.challenges.first&.error
end
Add pages domains acme orders Extract acme double to helper Create ACME challanges for pages domains * Create order & challange through API * save them to database * request challenge validation We're saving order and challenge as one entity, that wouldn't be correct if we would order certificates for several domains simultaneously, but we always order certificate per domain Add controller for processing acme challenges redirected from pages Don't save acme challenge url - we don't use it Validate acme challenge attributes Encrypt private_key in acme orders
2019-06-06 14:55:31 -04:00
delegate :url, :status, :expires, :certificate, to: :acme_order
Add Let's Encrypt client Part of adding Let's Encrypt certificates for pages domains Add acme-client gem Client is being initialized by private key stored in secrets.yml Let's Encrypt account is being created lazily. If it's already created, Acme::Client just gets account_kid by calling new_account method Make Let's Encrypt client an instance Wrap order and challenge classes
2019-05-16 05:32:25 -04:00
private
attr_reader :acme_order
Add latest changes from gitlab-org/gitlab@master
2020-03-30 14:08:07 -04:00
def authorization
@acme_order.authorizations.first
end
Add Let's Encrypt client Part of adding Let's Encrypt certificates for pages domains Add acme-client gem Client is being initialized by private key stored in secrets.yml Let's Encrypt account is being created lazily. If it's already created, Acme::Client just gets account_kid by calling new_account method Make Let's Encrypt client an instance Wrap order and challenge classes
2019-05-16 05:32:25 -04:00
end
end
end
Copy permalink