diff options
-rw-r--r-- | README.md | 6 | ||||
-rw-r--r-- | sign_csr.py | 5 |
2 files changed, 7 insertions, 4 deletions
@@ -10,8 +10,8 @@ to run it on your your server as root, and it tries to edit your apache/nginx config files. I love the Let's Encrypt devs dearly, but there's no way I'm going to trust -their script to run on my server as root and be able to edit my server configs. -I'd just like the free ssl certificate, please. +their script to run on my server as root, be able to edit my server configs, and +have acces to my private keys. I'd just like the free ssl certificate, please. So I made a script that does that. You generate your private key and certificate signing request (CSR) like normal, then run `sign_csr.py` with your CSR to get @@ -307,7 +307,7 @@ Here's a website that is using a certificate signed using `sign_csr.py`: ##Feedback/Contributing I'd love to receive feedback, issues, and pull requests to make this script -better. The script itself, `sign_csr.py`, is less than 400 lines of code, so +better. The script itself, `sign_csr.py`, is less than 500 lines of code, so feel free to read through it! I tried to comment things well and make it crystal clear what it's doing. diff --git a/sign_csr.py b/sign_csr.py index 662a9fb..643fbb0 100644 --- a/sign_csr.py +++ b/sign_csr.py @@ -6,7 +6,10 @@ def sign_csr(pubkey, csr, email=None): """Use the ACME protocol to get an ssl certificate signed by a certificate authority. + :param string pubkey: Path to the user account public key. :param string csr: Path to the certificate signing request. + :param string email: An optional user account contact email + (defaults to webmaster@<shortest_domain>) :returns: Signed Certificate (PEM format) :rtype: string @@ -357,7 +360,7 @@ sudo python -c "import BaseHTTPServer; \\ sys.stderr.write("Passed {} challenge!\n".format(i['domain'])) break else: - raise KeyError("'{}' challenge did not pass: {}".format(i['domain'],challenge_status)) + raise KeyError("'{}' challenge did not pass: {}".format(i['domain'], challenge_status)) # Step 14: Get the certificate signed sys.stderr.write("Requesting signature...\n") |