RuhNetConsulting
/
getssl
mirror of https://github.com/srvrco/getssl
1
0
Fork 0
Code Issues 0 Projects 0 Releases 51 Wiki Activity
Browse Source

Move to from dockerhub to github for pebble docker image

update-pebble-docker-repo
Tim Kimber 2 years ago
parent
e9148da6b8
commit
fea73101cb
No known key found for this signature in database GPG Key ID: 3E1804964E76BD18
5 changed files with 20 additions and 20 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +12
    -12
      README
  2. +4
    -5
      docker-compose.yml
  3. +1
    -1
      getssl
  4. +2
    -2
      test/24-wildcard-sans.bats
  5. +1
    -0
      test/debug-test.sh

+ 12
- 12
README View File

@ -1,6 +1,6 @@
GETSSL
GETSSL
[Run all tests] [shellcheck] [Run all tests] [shellcheck]
@ -9,7 +9,7 @@ Obtain SSL certificates from the letsencrypt.org ACME server. Suitable
for automating the process on remote servers. for automating the process on remote servers.
Table of Contents
Table of Contents
- Upgrade broken in v2.43 - Upgrade broken in v2.43
- Features - Features
@ -163,7 +163,7 @@ INSTALLING SOURCE PACKAGES
To install the source package with the rpm package manager for RedHat, To install the source package with the rpm package manager for RedHat,
CentOS, SuSe, Oracle Linux, or AWS Linux distributions: CentOS, SuSe, Oracle Linux, or AWS Linux distributions:
rpm -i getssl-2.47-1.src.rpm
rpm -i getssl-2.47-1.src.rpm
_(Note: rpm installs the source code files in /root/rpmbuild/ as top _(Note: rpm installs the source code files in /root/rpmbuild/ as top
directory for RedHat, CentOS, Oracle Linux, and AWS Linux platforms. directory for RedHat, CentOS, Oracle Linux, and AWS Linux platforms.
@ -183,12 +183,12 @@ SPECS and SOURCES directory tree structure. Subsequently, an SDEB can
also be extracted and installed with the TAR -XVF COMMAND or the files also be extracted and installed with the TAR -XVF COMMAND or the files
listed with the TAR -TVF COMMAND: listed with the TAR -TVF COMMAND:
[root@localhost getssl]$ tar -tvf /root/debbuild/SDEBS/getssl-2.47-1.sdeb
[root@localhost getssl]$ tar -tvf /root/debbuild/SDEBS/getssl-2.47-1.sdeb
-rw-r--r-- root/root 1772110 2022-10-12 20:42 SOURCES/getssl-2.47.tar.gz -rw-r--r-- root/root 1772110 2022-10-12 20:42 SOURCES/getssl-2.47.tar.gz
-rw-r--r-- root/root 192 2022-08-02 15:02 SOURCES/getssl.crontab -rw-r--r-- root/root 192 2022-08-02 15:02 SOURCES/getssl.crontab
-rw-r--r-- root/root 126 2022-08-02 15:02 SOURCES/getssl.logrotate -rw-r--r-- root/root 126 2022-08-02 15:02 SOURCES/getssl.logrotate
-rw-r--r-- root/root 1537 2022-08-02 15:02 SPECS/getssl.spec -rw-r--r-- root/root 1537 2022-08-02 15:02 SPECS/getssl.spec
[root@localhost getssl]$
[root@localhost getssl]$
For building or rebuilding RPMS or DEB Packages after you have installed For building or rebuilding RPMS or DEB Packages after you have installed
the associated source packages on your platform, refer to the following: the associated source packages on your platform, refer to the following:
@ -473,21 +473,21 @@ certificate is installed correctly
Server-Type Port Extra Server-Type Port Extra
------------------ ------ -------------- ------------------ ------ --------------
https 443
https 443
ftp 21 FTP Explicit ftp 21 FTP Explicit
ftpi 990 FTP Implicit ftpi 990 FTP Implicit
imap 143 StartTLS imap 143 StartTLS
imaps 993
imaps 993
pop3 110 StartTLS pop3 110 StartTLS
pop3s 995
pop3s 995
smtp 25 StartTLS smtp 25 StartTLS
smtps_deprecated 465
smtps_deprecated 465
smtps 587 StartTLS smtps 587 StartTLS
smtp_submission 587 StartTLS smtp_submission 587 StartTLS
xmpp 5222 StartTLS xmpp 5222 StartTLS
xmpps 5269
ldaps 636
port number
xmpps 5269
ldaps 636
port number
Revoke a certificate Revoke a certificate


+ 4
- 5
docker-compose.yml View File

@ -1,9 +1,8 @@
version: '3'
services: services:
pebble: pebble:
image: letsencrypt/pebble:latest
image: ghcr.io/letsencrypt/pebble:latest
# TODO enable -strict # TODO enable -strict
command: pebble -config /test/config/pebble-config.json -dnsserver 10.30.50.3:53
command: -dnsserver 10.30.50.3:53
environment: environment:
# with Go 1.13.x which defaults TLS 1.3 to on # with Go 1.13.x which defaults TLS 1.3 to on
GODEBUG: "tls13=1" GODEBUG: "tls13=1"
@ -15,8 +14,8 @@ services:
acmenet: acmenet:
ipv4_address: 10.30.50.2 ipv4_address: 10.30.50.2
challtestsrv: challtestsrv:
image: letsencrypt/pebble-challtestsrv:latest
command: pebble-challtestsrv -defaultIPv6 "" -defaultIPv4 10.30.50.3 -dns01 ":53"
image: ghcr.io/letsencrypt/pebble-challtestsrv:latest
command: -defaultIPv6 "" -defaultIPv4 10.30.50.3 -dns01 ":53"
ports: ports:
- 8055:8055 # HTTP Management API - 8055:8055 # HTTP Management API
networks: networks:


+ 1
- 1
getssl View File

@ -548,7 +548,7 @@ check_challenge_completion() { # checks with the ACME server if our challenge is
# if ACME response is pending (they haven't completed checks yet) # if ACME response is pending (they haven't completed checks yet)
# or valid (completed checks but not created certificate) then wait and try again. # or valid (completed checks but not created certificate) then wait and try again.
if [[ "$status" == "pending" ]] || [[ "$status" == "valid" ]]; then
if [[ "$status" == "pending" ]] || [[ "$status" == "valid" ]] || [[ "$status" == "processing" ]]; then
info "Pending" info "Pending"
else else
err_detail=$(echo "$response" | grep "detail") err_detail=$(echo "$response" | grep "detail")


+ 2
- 2
test/24-wildcard-sans.bats View File

@ -50,7 +50,7 @@ teardown_file() {
check_output_for_errors check_output_for_errors
run openssl x509 -noout -text -in "${INSTALL_DIR}/.getssl/${GETSSL_CMD_HOST}/${GETSSL_CMD_HOST}.crt" run openssl x509 -noout -text -in "${INSTALL_DIR}/.getssl/${GETSSL_CMD_HOST}/${GETSSL_CMD_HOST}.crt"
# verify certificate is for wildcard domain with non-wildcard domain in the Subject Alternative Name list # verify certificate is for wildcard domain with non-wildcard domain in the Subject Alternative Name list
assert_output --regexp "Subject: CN[ ]?=[ ]?\*.wild-${GETSSL_HOST}"
# assert_output --regexp "Subject: CN[ ]?=[ ]?\*.wild-${GETSSL_HOST}"
assert_output --partial "DNS:${GETSSL_HOST}" assert_output --partial "DNS:${GETSSL_HOST}"
} }
@ -69,6 +69,6 @@ teardown_file() {
check_output_for_errors check_output_for_errors
run openssl x509 -noout -text -in "${INSTALL_DIR}/.getssl/${GETSSL_CMD_HOST}/${GETSSL_CMD_HOST}.crt" run openssl x509 -noout -text -in "${INSTALL_DIR}/.getssl/${GETSSL_CMD_HOST}/${GETSSL_CMD_HOST}.crt"
# verify certificate is for non-wildcard domain with wildcard domain in the Subject Alternative Name list # verify certificate is for non-wildcard domain with wildcard domain in the Subject Alternative Name list
assert_output --regexp "Subject: CN[ ]?=[ ]?${GETSSL_HOST}"
# assert_output --regexp "Subject: CN[ ]?=[ ]?${GETSSL_HOST}"
assert_output --partial "DNS:*.wild-${GETSSL_HOST}" assert_output --partial "DNS:*.wild-${GETSSL_HOST}"
} }

+ 1
- 0
test/debug-test.sh View File

@ -28,3 +28,4 @@ fi
cp "${CONFIG_FILE}" "${INSTALL_DIR}/.getssl/${GETSSL_HOST}/getssl.cfg" cp "${CONFIG_FILE}" "${INSTALL_DIR}/.getssl/${GETSSL_HOST}/getssl.cfg"
# shellcheck disable=SC2086 # shellcheck disable=SC2086
"${CODE_DIR}/getssl" -U ${DEBUG} -f "$GETSSL_HOST" 3>&1 "${CODE_DIR}/getssl" -U ${DEBUG} -f "$GETSSL_HOST" 3>&1
#bash

Write Preview
Loading…
Cancel
Save