summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Roesler <diafygi@gmail.com>2015-11-05 07:46:57 -0800
committerDaniel Roesler <diafygi@gmail.com>2015-11-05 07:46:57 -0800
commitaf084d541abeff4acab4b15ccd86cb4587646b53 (patch)
treedbc3d13cb78ce19829bc7d2c4ae759892fbe7046
parent8294ed7af3c49252f1b3e8699332f7811f4e4d77 (diff)
cleaned up various descriptions
-rw-r--r--README.md6
-rw-r--r--sign_csr.py5
2 files changed, 7 insertions, 4 deletions
diff --git a/README.md b/README.md
index a4e86d1..bd1afdb 100644
--- a/README.md
+++ b/README.md
@@ -10,8 +10,8 @@ to run it on your your server as root, and it tries to edit your apache/nginx
config files.
I love the Let's Encrypt devs dearly, but there's no way I'm going to trust
-their script to run on my server as root and be able to edit my server configs.
-I'd just like the free ssl certificate, please.
+their script to run on my server as root, be able to edit my server configs, and
+have acces to my private keys. I'd just like the free ssl certificate, please.
So I made a script that does that. You generate your private key and certificate
signing request (CSR) like normal, then run `sign_csr.py` with your CSR to get
@@ -307,7 +307,7 @@ Here's a website that is using a certificate signed using `sign_csr.py`:
##Feedback/Contributing
I'd love to receive feedback, issues, and pull requests to make this script
-better. The script itself, `sign_csr.py`, is less than 400 lines of code, so
+better. The script itself, `sign_csr.py`, is less than 500 lines of code, so
feel free to read through it! I tried to comment things well and make it crystal
clear what it's doing.
diff --git a/sign_csr.py b/sign_csr.py
index 662a9fb..643fbb0 100644
--- a/sign_csr.py
+++ b/sign_csr.py
@@ -6,7 +6,10 @@ def sign_csr(pubkey, csr, email=None):
"""Use the ACME protocol to get an ssl certificate signed by a
certificate authority.
+ :param string pubkey: Path to the user account public key.
:param string csr: Path to the certificate signing request.
+ :param string email: An optional user account contact email
+ (defaults to webmaster@<shortest_domain>)
:returns: Signed Certificate (PEM format)
:rtype: string
@@ -357,7 +360,7 @@ sudo python -c "import BaseHTTPServer; \\
sys.stderr.write("Passed {} challenge!\n".format(i['domain']))
break
else:
- raise KeyError("'{}' challenge did not pass: {}".format(i['domain'],challenge_status))
+ raise KeyError("'{}' challenge did not pass: {}".format(i['domain'], challenge_status))
# Step 14: Get the certificate signed
sys.stderr.write("Requesting signature...\n")