1.2.7. letsencrypt
¶
This module provides the functionality related to managing SSL certificates with Let’s Encrypt.
1.2.7.1. Data¶
1.2.7.2. Functions¶
-
certbot_issue
(webroot, hostname, bin_path=None, unified_directory=None)[source]¶ Issue a certificate using Let’s Encrypt’s
certbot
utility. This function wraps thecertbot
binary and configures the parameters as appropriate. By default, the resulting certificate will be placed underLETS_ENCRYPT_DEFAULT_DATA_PATH
, however if unified_directory is used then it will be under$unified_directory/etc
.Parameters: - webroot (str) – The webroot to use while requesting the certificate.
- hostname (str) – The hostname of the certificate to request.
- bin_path (str) – The optional path to the
certbot
binary. If not specified, then it will be searched for utilizingwhich()
. - unified_directory (str) – A single directory under which all the Let’s Encrypt data should be stored. This is useful when not running the utility as root.
Returns: The exit status of the
certbot
utility.Return type:
-
get_certbot_bin_path
(config=None)[source]¶ Get the path to Let’s Encrypt’s
certbot
command line utility. If the path is found, it is verified to be both a file and executable. If the path verification fails,None
is returned.New in version 1.14.0.
Parameters: config ( smoke_zephyr.configuration.Configuration
) – Configuration to retrieve settings from.Returns: The path to the certbot binary. Return type: str
-
get_sni_hostname_config
(hostname, config=None)[source]¶ Search for and return the SNI configuration for the specified hostname. This method will first check to see if the entry exists in the database before searching the Let’s Encrypt data directory (if
data_path
is present in the server configuration). If no configuration data is found, or the data file paths appear invalid,None
is returned.Parameters: - hostname (str) – The hostname to retrieve the configuration for.
- config (
smoke_zephyr.configuration.Configuration
) – Configuration to retrieve settings from.
Returns: The SNI configuration for the hostname if it was found.
Return type:
-
get_sni_hostnames
(config=None, check_files=True)[source]¶ Retrieve all the hostnames for which a valid SNI configuration can be retrieved. These are the hostnames for which SNI can be enabled. If check_files is enabled, the data files will be checked to ensure that they exist and are readable, else the configuration will be omitted.
Parameters: - config (
smoke_zephyr.configuration.Configuration
) – Configuration to retrieve settings from. - check_files (bool) – Whether or not to check the referenced data files.
Returns: A dictionary, keyed by hostnames with values of
SNIHostnameConfiguration
instances.Return type: - config (