letsencrypt.tcl
Does not contain a contract.
- Location:
- /packages/acs-subsite/www/admin/letsencrypt.tcl
Related Files
[ hide source ] | [ make this the default ]
File Contents
# # letsencrypt.tcl -- # # A small Let's Encrypt client for NaviServer implemented in Tcl, # supporting the ACME v2 interface of letsenvrypt. # # To use it, set enabled to 1 and drop it somewhere under # NaviServer pageroot which is usually /usr/local/ns/pages and point # browser to it. # # If this page needs to be access restricted, configure the following # three variables: # set user "" set password "" set enabled 1 # # Configuration # # "-sslpath": # The certificate will be placed finally into this directory. # Defaults to: "[ns_info home]/modules/nsssl" # # "-key_type": # Can be "ecdsa" or "rsa". Eliptic curves (ecdsa) are preferred # by letsencrypt. # # "-API": # Can be "staging" (default) or "production" # Let's encrypt has several rate limits to avoid DOS # situations: https://letsencrypt.org/docs/rate-limits/ # # When developing the interface (e.g. improving this script), you # should consider using the "staging" API of letsencrypt instead # of the "production" API to void these constraints. set api production #set api staging #set key_type rsa set key_type ecdsa set certfile "" # Get the first certificate from the driver location foreach entry [ns_driver info] { set module [dict get $entry module] if {[dict get $entry type] eq "nsssl"} { set server [dict get $entry server] if {$server ne ""} { set certfile [ns_config ns/server/$server/module/$module certificate] } else { set certfile [ns_config ns/module/$module certificate] } break } } if {$certfile eq ""} { error "no certificate configured" ns_return } set certdir [file dirname $certfile] ns_log notice "letsencrypt: -key_type $key_type -API $api -sslpath $certdir (certfile $certfile)" set c [::letsencrypt::Client new \ -key_type $key_type \ -API $api \ -sslpath $certdir] # # Produce UI page # ns_set iupdate [ns_conn outputheaders] "expires" "now" $c getCertificate $c destroy # # Local variables: # mode: tcl # tcl-indent-level: 4 # indent-tabs-mode: nil # End:
