Class: Vcert::TPPConnection

Inherits:
Object
  • Object
Defined in:
lib/tpp/tpp.rb

Instance Method Summary collapse

Constructor Details

#initialize(url, user, password, trust_bundle: nil) ⇒ TPPConnection

Returns a new instance of TPPConnection.



# File 'lib/tpp/tpp.rb', line 7

# Stores the endpoint address and credentials for later API calls.
#
# @param url [String] server address; stored only after passing through normalize_url
# @param user [String] account name, kept in @user
# @param password [String] account password, kept in memory in @password for the
#   lifetime of this object
# @param trust_bundle [Object, nil] kept as-is in @trust_bundle
#   NOTE(review): presumably a CA bundle for verifying the server's TLS
#   certificate; confirm what the HTTP helper does when this is nil.
def initialize(url, user, password, trust_bundle: nil)
  @url = normalize_url(url)
  @user, @password = user, password
  @trust_bundle = trust_bundle
  # No session token exists until one is obtained elsewhere in the class.
  @token = nil
end

Instance Method Details

#addStartEnd(s) ⇒ Object



# File 'lib/tpp/tpp.rb', line 222

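# Anchors a pattern string at both ends, adding "^" and "$" only where missing.
#
# A trailing "$" counts as an end anchor only when it is not backslash-escaped.
# Regexp.escape turns a literal "$" into "\$"; treating that as an anchor would
# leave the pattern open at the end, so it would accept any suffix after the
# intended value.
#
# NOTE(review): in Ruby's own Regexp, "^" and "$" match at line boundaries, not
# string boundaries (\A / \z do that). The engine that evaluates these patterns
# is not visible here; confirm it treats them as whole-string anchors.
#
# @param s [String] pattern text; the caller's string object is not modified
# @return [String] the pattern starting with "^" and ending with an unescaped "$"
def addStartEnd(s)
  s = "^" + s unless s.start_with?("^")

  # Grab the final "$" together with every backslash directly in front of it.
  # An even number of backslashes (odd total length) means the "$" is a real anchor.
  tail = s[/\\*\$\z/]
  end_anchored = !tail.nil? && tail.length.odd?
  s += "$" unless end_anchored
  s
end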

#escape(value) ⇒ Object



# File 'lib/tpp/tpp.rb', line 232

# Converts literal text into an anchored pattern that matches exactly that text.
# Metacharacters are neutralised with Regexp.escape, then addStartEnd adds the
# anchors. An Array is converted element by element.
#
# NOTE(review): a value ending in a literal "$" is escaped to "...\$". Confirm
# that addStartEnd still appends an end anchor in that case; otherwise the
# resulting pattern would also match longer strings.
#
# @param value [String, Array<String>] literal text, or a list of literal texts
# @return [String, Array<String>] anchored pattern(s), same shape as the input
def escape(value)
  anchor = ->(text) { addStartEnd(Regexp.escape(text)) }
  return value.map { |item| anchor.call(item) } if value.kind_of?(Array)

  anchor.call(value)
end

#policy(zone_tag) ⇒ Object



# File 'lib/tpp/tpp.rb', line 41

# Requests the zone configuration for +zone_tag+ and parses it as a policy.
#
# @param zone_tag [String] zone identifier, translated to a policy DN by policy_dn
# @return [Object] whatever parse_policy_response builds from the server reply
# @raise [Vcert::ServerUnexpectedBehaviorError] when the HTTP status is not 200
def policy(zone_tag)
  payload = { :PolicyDN => policy_dn(zone_tag) }
  code, body = post(URL_ZONE_CONFIG, payload)
  # Any status other than 200 is treated as a server-side fault.
  raise Vcert::ServerUnexpectedBehaviorError, "Status  #{code}" unless code == 200

  parse_policy_response(body, zone_tag)
end

#renew(request, generate_new_key: true) ⇒ Object



# File 'lib/tpp/tpp.rb', line 57

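# Renews an existing certificate, optionally with a newly generated key pair.
#
# With generate_new_key the current certificate is fetched, its subject fields
# and DNS names are copied into a new Vcert::Request, and that request's CSR is
# sent as PKCS10. Only the CSR goes into the request body; the new private key
# is handed back to the caller.
#
# @param request [Object] must carry an id or a thumbprint; request.id is
#   overwritten with the thumbprint lookup result when a thumbprint is present
# @param generate_new_key [Boolean] false renews without submitting a new CSR
# @return [Array] [certificate id, new private key or nil]
# @raise [RuntimeError] when neither id nor thumbprint is given, when the current
#   certificate cannot be retrieved, or when the reply has no 'Success' key
def renew(request, generate_new_key: true)
  if request.id.nil? && request.thumbprint.nil?
    raise('Either request ID or certificate thumbprint is required to renew the certificate')
  end

  # A thumbprint, when supplied, takes precedence over any id already on the request.
  request.id = search_by_thumbprint(request.thumbprint) unless request.thumbprint.nil?
  renew_req_data = {"CertificateDN": request.id}
  renew_request = nil
  if generate_new_key
    current = retrieve request
    # retrieve returns nil on any non-200 reply. Fail with a clear message here
    # instead of a NoMethodError on nil a few lines further down.
    raise "Unable to retrieve certificate #{request.id} for renewal" if current.nil?

    LOG.info("Retrieved certificate:\n#{current.cert}")
    parsed_csr = parse_csr_fields_tpp(current.cert)
    renew_request = Vcert::Request.new(
      common_name: parsed_csr.fetch(:CN, nil),
      san_dns: parsed_csr.fetch(:DNS, nil),
      country: parsed_csr.fetch(:C, nil),
      province: parsed_csr.fetch(:ST, nil),
      locality: parsed_csr.fetch(:L, nil),
      organization: parsed_csr.fetch(:O, nil),
      organizational_unit: parsed_csr.fetch(:OU, nil)
    )
    renew_req_data.merge!(PKCS10: renew_request.csr)
  end
  LOG.info("Trying to renew certificate #{request.id}")
  _, d = post(URL_CERTIFICATE_RENEW, renew_req_data)
  # NOTE(review): only the presence of the 'Success' key is checked, not its
  # value or the HTTP status. Confirm the server omits the key on failure.
  raise 'Certificate renew error' unless d.key?('Success')

  if generate_new_key
    [request.id, renew_request.private_key]
  else
    [request.id, nil]
  end
end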

#request(zone_tag, request) ⇒ Object



# File 'lib/tpp/tpp.rb', line 15

# Submits the CSR held by +request+ to the zone's policy folder and records the
# certificate DN returned by the server on the request object.
#
# @param zone_tag [String] zone identifier, translated to a policy DN by policy_dn
# @param request [Object] supplies csr and friendly_name; its id is set on success
# @return [Object] the 'CertificateDN' value from the reply (also stored in request.id)
# @raise [Vcert::ServerUnexpectedBehaviorError] when the HTTP status is not 200
def request(zone_tag, request)
  payload = {}
  payload[:PolicyDN] = policy_dn(zone_tag)
  payload[:PKCS10] = request.csr
  payload[:ObjectName] = request.friendly_name
  # Sent as the string "true", not a boolean.
  payload[:DisableAutomaticRenewal] = "true"

  code, reply = post(URL_CERTIFICATE_REQUESTS, payload)
  raise Vcert::ServerUnexpectedBehaviorError, "Status  #{code}" unless code == 200

  request.id = reply['CertificateDN']
end

#retrieve(request) ⇒ Object



# File 'lib/tpp/tpp.rb', line 27

# Downloads the issued certificate and its chain for +request.id+.
#
# The server is asked for base64 output with the chain included and the root
# last. A reply with any status other than 200 yields nil rather than an
# exception, so callers must check for nil before using the result.
# NOTE(review): presumably nil covers the "not issued yet" case; confirm.
#
# @param request [Object] supplies id, and private_key as a fallback
# @return [Object, nil] result of parse_full_chain with private_key filled in
#   from the request when the parsed object has none; nil on a non-200 reply
def retrieve(request)
  payload = {
    CertificateDN: request.id,
    Format: "base64",
    IncludeChain: 'true',
    RootFirstOrder: "false"
  }
  code, reply = post(URL_CERTIFICATE_RETRIEVE, payload)
  return nil unless code == 200

  cert = parse_full_chain(Base64.decode64(reply['CertificateData']))
  # The parsed reply may carry no key; fall back to the key on the request.
  cert.private_key = request.private_key if cert.private_key == nil
  cert
end

#zone_configuration(zone_tag) ⇒ Object



# File 'lib/tpp/tpp.rb', line 49

# Requests the zone configuration for +zone_tag+ and parses the reply.
#
# @param zone_tag [String] zone identifier, translated to a policy DN by policy_dn
# @return [Object] whatever parse_zone_configuration builds from the server reply
# @raise [Vcert::ServerUnexpectedBehaviorError] when the HTTP status is not 200
def zone_configuration(zone_tag)
  payload = { :PolicyDN => policy_dn(zone_tag) }
  code, body = post(URL_ZONE_CONFIG, payload)
  # Any status other than 200 is treated as a server-side fault.
  raise Vcert::ServerUnexpectedBehaviorError, "Status  #{code}" unless code == 200

  parse_zone_configuration(body)
end