From 9619825d522d91cf12bf0e0dc80345aca03d0c48 Mon Sep 17 00:00:00 2001 From: Jason Heard Date: Tue, 17 Nov 2015 10:26:37 -0700 Subject: Address review feedback --- README.md | 15 +++++++-------- revoke_crt.py | 3 ++- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index f52d33c..1694138 100644 --- a/README.md +++ b/README.md @@ -312,7 +312,7 @@ Here's a website that is using a certificate signed using `sign_csr.py`: First, you will need to the user account key for Let's Encrypt that was used when the certifacate was signed. -Second, you will need the PEM encoded signed certificate that was produced bys +Second, you will need the PEM encoded signed certificate that was produced by `sign_csr.py`. Third, you run the script using python and passing in the path to your user @@ -324,10 +324,10 @@ can accept that as an optional argument. python revoke_crt.py --public-key user.pub domain.crt ``` -When you run the script, it will ask you do one manual signature if you didn't -provide your user private key. It has to ask you to do these because it doesn't -know your private key. You can edit the manual commands to fit your situation -(e.g. if your private key is in a different location). +When you run the script, it will ask you do one manual signature. It has to ask you +to do these because it doesn't know your private key. You can edit the manual +commands to fit your situation (e.g. if your private key is in a different +location). NOTE: When the script asks you to run these manual commands, you need to run them in a separate terminal window. You need to keep the script open while you @@ -339,8 +339,7 @@ again). The `*.json` and `*.sig` files are temporary files automatically generated by the script and will be destroyed when the script stops. They only contain the protocol requests and signatures. They do NOT contain your private keys -because this script does not have access to your private keys unless you choose -to give it access to your user key. +because this script does not have access to your private keys. ###Help text ``` @@ -353,7 +352,7 @@ for your private keys. It will print out commands that you need to run with your private key, which gives you a chance to review the commands instead of trusting this script. -NOTE: YOUR ACCOUNT KEY NEEDS TO BE THE SAME KEY USED TO ISSUE THE CERTIFICATE. +NOTE: YOUR PUBLIC KEY NEEDS TO BE THE SAME KEY USED TO ISSUE THE CERTIFICATE. Prerequisites: * openssl diff --git a/revoke_crt.py b/revoke_crt.py index 4d24db9..6ed3ed9 100644 --- a/revoke_crt.py +++ b/revoke_crt.py @@ -7,6 +7,7 @@ def revoke_crt(pubkey, crt): """Use the ACME protocol to revoke an ssl certificate signed by a certificate authority. + :param string pubkey: Path to the user account public key. :param string crt: Path to the signed certificate. """ #CA = "https://acme-staging.api.letsencrypt.org" @@ -116,7 +117,7 @@ for your private keys. It will print out commands that you need to run with your private key, which gives you a chance to review the commands instead of trusting this script. -NOTE: YOUR ACCOUNT KEY NEEDS TO BE THE SAME KEY USED TO ISSUE THE CERTIFICATE. +NOTE: YOUR PUBLIC KEY NEEDS TO BE THE SAME KEY USED TO ISSUE THE CERTIFICATE. Prerequisites: * openssl -- cgit v1.2.3