From af084d541abeff4acab4b15ccd86cb4587646b53 Mon Sep 17 00:00:00 2001 From: Daniel Roesler Date: Thu, 5 Nov 2015 07:46:57 -0800 Subject: cleaned up various descriptions --- README.md | 6 +++--- sign_csr.py | 5 ++++- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index a4e86d1..bd1afdb 100644 --- a/README.md +++ b/README.md @@ -10,8 +10,8 @@ to run it on your your server as root, and it tries to edit your apache/nginx config files. I love the Let's Encrypt devs dearly, but there's no way I'm going to trust -their script to run on my server as root and be able to edit my server configs. -I'd just like the free ssl certificate, please. +their script to run on my server as root, be able to edit my server configs, and +have acces to my private keys. I'd just like the free ssl certificate, please. So I made a script that does that. You generate your private key and certificate signing request (CSR) like normal, then run `sign_csr.py` with your CSR to get @@ -307,7 +307,7 @@ Here's a website that is using a certificate signed using `sign_csr.py`: ##Feedback/Contributing I'd love to receive feedback, issues, and pull requests to make this script -better. The script itself, `sign_csr.py`, is less than 400 lines of code, so +better. The script itself, `sign_csr.py`, is less than 500 lines of code, so feel free to read through it! I tried to comment things well and make it crystal clear what it's doing. diff --git a/sign_csr.py b/sign_csr.py index 662a9fb..643fbb0 100644 --- a/sign_csr.py +++ b/sign_csr.py @@ -6,7 +6,10 @@ def sign_csr(pubkey, csr, email=None): """Use the ACME protocol to get an ssl certificate signed by a certificate authority. + :param string pubkey: Path to the user account public key. :param string csr: Path to the certificate signing request. + :param string email: An optional user account contact email + (defaults to webmaster@) :returns: Signed Certificate (PEM format) :rtype: string @@ -357,7 +360,7 @@ sudo python -c "import BaseHTTPServer; \\ sys.stderr.write("Passed {} challenge!\n".format(i['domain'])) break else: - raise KeyError("'{}' challenge did not pass: {}".format(i['domain'],challenge_status)) + raise KeyError("'{}' challenge did not pass: {}".format(i['domain'], challenge_status)) # Step 14: Get the certificate signed sys.stderr.write("Requesting signature...\n") -- cgit v1.2.3