Lines Matching +full:v +full:- +full:home
7 public $ca = 'https://acme-v01.api.letsencrypt.org';
8 // public $ca = 'https://acme-staging.api.letsencrypt.org'; // testing
9 public $license = 'https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf';
12 public $challenge = 'http-01'; // http-01 challange only
14 // public $contact = array("mailto:cert-admin@example.com", "tel:+12025551212")
26 $this->certificatesDir = $certificatesDir;
27 $this->webRootDir = $webRootDir;
28 $this->logger = $logger;
29 $this->client = $client ? $client : new Client($this->ca);
30 $this->accountKeyPath = $certificatesDir . '/_account/private.pem';
35 if (!is_file($this->accountKeyPath)) {
38 // ---------------------------------------------
40 $this->log('Starting new account registration');
41 $this->generateKey(dirname($this->accountKeyPath));
42 $this->postNewReg();
43 $this->log('New account certificate registered');
47 $this->log('Account already registered. Continuing.');
54 $this->log('Starting certificate generation process for domains');
56 $privateAccountKey = $this->readPrivateKey($this->accountKeyPath);
60 // ----------------------------
65 // -------------------------------------------
67 $this->log("Requesting challenge for $domain");
69 $response = $this->signedRequest(
70 "/acme/new-authz",
71 … array("resource" => "new-authz", "identifier" => array("type" => "dns", "value" => $domain))
79 $challenge = array_reduce($response['challenges'], function ($v, $w) use (&$self) {
80 return $v ? $v : ($w['type'] == $self->challenge ? $w : false);
84 $this->log("Got challenge token for $domain");
85 $location = $this->client->getLastLocation();
89 // ---------------------------------------------------
91 $directory = $this->webRootDir . '/.well-known/acme-challenge';
111 // -------------------------------
113 $uri = "http://${domain}/.well-known/acme-challenge/${challenge['token']}";
115 $this->log("Token for $domain saved at $tokenPath and should be available at $uri");
119 throw new \RuntimeException("Please check $uri - token not available");
122 $this->log("Sending request to challenge");
125 $result = $this->signedRequest(
129 "type" => $this->challenge,
143 $this->log("Verification pending, sleeping 1s");
147 $result = $this->client->get($location);
151 $this->log("Verification ended with status: ${result['status']}");
156 // ----------------------
157 $domainPath = $this->getDomainPath(reset($domains));
161 $this->generateKey($domainPath);
165 $privateDomainKey = $this->readPrivateKey($domainPath . '/private.pem');
167 $this->client->getLastLinks();
170 $this->getCsrContent($domainPath . "/last.csr") :
171 $this->generateCSR($privateDomainKey, $domains);
174 $result = $this->signedRequest(
175 "/acme/new-cert",
176 array('resource' => 'new-cert', 'csr' => $csr)
178 if ($this->client->getLastCode() !== 201) {
179 …throw new \RuntimeException("Invalid response code: " . $this->client->getLastCode() . ", " . json…
181 $location = $this->client->getLastLocation();
186 $this->client->getLastLinks();
188 $result = $this->client->get($location);
190 if ($this->client->getLastCode() == 202) {
192 $this->log("Certificate generation pending, sleeping 1s");
195 } else if ($this->client->getLastCode() == 200) {
197 $this->log("Got certificate! YAY!");
198 $certificates[] = $this->parsePemFromBody($result);
201 foreach ($this->client->getLastLinks() as $link) {
202 $this->log("Requesting chained cert at $link");
203 $result = $this->client->get($link);
204 $certificates[] = $this->parsePemFromBody($result);
210 … throw new \RuntimeException("Can't get certificate: HTTP code " . $this->client->getLastCode());
217 $this->log("Saving fullchain.pem");
220 $this->log("Saving cert.pem");
223 $this->log("Saving chain.pem");
226 $this->log("Done !!§§!");
241 return "-----BEGIN CERTIFICATE-----\n" . $pem . "-----END CERTIFICATE-----\n";
246 return $this->certificatesDir . '/' . $domain . '/';
251 $this->log('Sending registration to letsencrypt server');
253 $data = array('resource' => 'new-reg', 'agreement' => $this->license);
254 if(!$this->contact) {
255 $data['contact'] = $this->contact;
258 return $this->signedRequest(
259 '/acme/new-reg',
276 'HOME = .
277 RANDFILE = $ENV::HOME/.rnd
293 "ST" => $this->state,
294 "C" => $this->countryCode,
309 $csrPath = $this->getDomainPath($domain) . "/last.csr";
312 return $this->getCsrContent($csrPath);
318 preg_match('~REQUEST-----(.*)-----END~s', $csr, $matches);
345 $privateKey = $this->readPrivateKey($this->accountKeyPath);
358 $protected["nonce"] = $this->client->getLastNonce();
375 $this->log("Sending signed request to $uri");
377 return $this->client->post($uri, json_encode($data));
382 if($this->logger) {
383 $this->logger->info($message);
412 * Returns the Replay-Nonce header of the last request
451 $this->base = $base;
456 $headers = array('Accept: application/json', 'Content-Type: application/json');
458 curl_setopt($handle, CURLOPT_URL, preg_match('~^http~', $url) ? $url : $this->base.$url);
486 $this->lastHeader = $header;
487 $this->lastCode = curl_getinfo($handle, CURLINFO_HTTP_CODE);
495 return $this->curl('POST', $url, $data);
500 return $this->curl('GET', $url);
505 if(preg_match('~Replay\-Nonce: (.+)~i', $this->lastHeader, $matches)) {
509 $this->curl('GET', '/directory');
510 return $this->getLastNonce();
515 if(preg_match('~Location: (.+)~i', $this->lastHeader, $matches)) {
523 return $this->lastCode;
528 preg_match_all('~Link: <(.+)>;rel="up"~', $this->lastHeader, $matches);
537 return str_replace('=', '', strtr(base64_encode($input), '+/', '-_'));
544 $padlen = 4 - $remainder;
547 return base64_decode(strtr($input, '-_', '+/'));