How to use the acme.client.ClientV2 function in acme

To help you get started, we’ve selected a few acme examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github letsencrypt / pebble / test / chisel2.py View on Github external
def make_client(email=None):
    """Build an acme.Client and register a new account with a random key."""
    key = josepy.JWKRSA(key=rsa.generate_private_key(65537, 2048, default_backend()))

    net = acme_client.ClientNetwork(key, user_agent="Boulder integration tester")
    directory = messages.Directory.from_json(net.get(DIRECTORY).json())
    client = acme_client.ClientV2(directory, net)
    tos = client.directory.meta.terms_of_service
    if tos == ACCEPTABLE_TOS:
        net.account = client.new_account(messages.NewRegistration.from_data(email=email,
            terms_of_service_agreed=True))
    else:
        raise Exception("Unrecognized terms of service URL %s" % tos)
    return client
github letsencrypt / boulder / test / chisel2.py View on Github external
def uninitialized_client(key=None):
    if key is None:
        key = josepy.JWKRSA(key=rsa.generate_private_key(65537, 2048, default_backend()))
    net = acme_client.ClientNetwork(key, user_agent="Boulder integration tester")
    directory = messages.Directory.from_json(net.get(DIRECTORY_V2).json())
    return acme_client.ClientV2(directory, net)
github freenas / freenas / src / middlewared / middlewared / plugins / crypto.py View on Github external
# Making registration resource now
        registration = messages.RegistrationResource.from_json({
            'uri': data['uri'],
            'terms_of_service': data['tos'],
            'body': {
                'contact': [data['body']['contact']],
                'status': data['body']['status'],
                'key': {
                    'e': key_dict['e'],
                    'kty': 'RSA',
                    'n': key_dict['n']
                }
            }
        })

        return client.ClientV2(
            messages.Directory({
                'newAccount': data['new_account_uri'],
                'newNonce': data['new_nonce_uri'],
                'newOrder': data['new_order_uri'],
                'revokeCert': data['revoke_cert_uri']
            }),
            client.ClientNetwork(key, account=registration)
        ), key
github certbot / certbot / acme / examples / http01_example.py View on Github external
- Change contact information
    - Deactivate Account

    """
    # Create account key

    acc_key = jose.JWKRSA(
        key=rsa.generate_private_key(public_exponent=65537,
                                     key_size=ACC_KEY_BITS,
                                     backend=default_backend()))

    # Register account and accept TOS

    net = client.ClientNetwork(acc_key, user_agent=USER_AGENT)
    directory = messages.Directory.from_json(net.get(DIRECTORY_URL).json())
    client_acme = client.ClientV2(directory, net=net)

    # Terms of Service URL is in client_acme.directory.meta.terms_of_service
    # Registration Resource: regr
    # Creates account with contact information.
    email = ('fake@example.com')
    regr = client_acme.new_account(
        messages.NewRegistration.from_data(
            email=email, terms_of_service_agreed=True))

    # Create domain private key and CSR
    pkey_pem, csr_pem = new_csr_comp(DOMAIN)

    # Issue certificate

    orderr = client_acme.new_order(csr_pem)
github NabuCasa / hass-nabucasa / hass_nabucasa / acme.py View on Github external
directory = messages.Directory.from_json(
                    network.get(self._acme_server).json()
                )
                self._acme_client = client.ClientV2(directory, net=network)
            except errors.Error as err:
                _LOGGER.error("Can't connect to ACME server: %s", err)
                raise AcmeClientError()
            return

        # Create a new registration
        try:
            network = client.ClientNetwork(self._account_jwk, user_agent=USER_AGENT)
            directory = messages.Directory.from_json(
                network.get(self._acme_server).json()
            )
            self._acme_client = client.ClientV2(directory, net=network)
        except errors.Error as err:
            _LOGGER.error("Can't connect to ACME server: %s", err)
            raise AcmeClientError()

        try:
            _LOGGER.info(
                "Register a ACME account with TOS: %s",
                self._acme_client.directory.meta.terms_of_service,
            )
            regr = self._acme_client.new_account(
                messages.NewRegistration.from_data(
                    email=self._email, terms_of_service_agreed=True
                )
            )
        except errors.Error as err:
            _LOGGER.error("Can't register to ACME server: %s", err)
github zenhack / simp_le / simp_le.py View on Github external
def registered_client(args, existing_account_key, existing_account_reg):
    """Return an ACME v2 client from account key and registration.
    Register a new account or recover missing registration if necessary."""
    key = check_or_generate_account_key(args, existing_account_key)
    net = acme_client.ClientNetwork(
        key=key,
        account=existing_account_reg,
        user_agent=args.user_agent
    )
    directory = messages.Directory.from_json(net.get(args.server).json())
    client = acme_client.ClientV2(directory, net=net)

    if existing_account_reg is None:
        if args.email is None:
            logger.warning('--email was not provided; ACME CA will have no '
                           'way of contacting you.')
        new_reg = messages.NewRegistration.from_data(email=args.email)

        if "terms_of_service" in client.directory.meta:
            logger.info("By using simp_le, you implicitly agree "
                        "to the CA's terms of service: %s",
                        client.directory.meta.terms_of_service)
            new_reg = new_reg.update(terms_of_service_agreed=True)

        try:
            client.new_account(new_reg)
        except acme_errors.ConflictError as error:
github wiedi / kumquat / kumquat / management / commands / letsencrypt.py View on Github external
with open(key_file, 'r') as f:
			key  = jose.JWK.json_loads(f.read())
	except IOError as error:
		# Generate new private key, as we expect that the account doesn't exist
		private_key = rsa.generate_private_key(
			public_exponent = 65537,
			key_size        = settings.LETSENCRYPT_ACCT_KEY_BITS,
			backend         = default_backend()
		)
		key = jose.JWKRSA(key=private_key)
		# Prepare ACME client connection with account private key
		net         = client.ClientNetwork(key)
		directory   = messages.Directory.from_json(
			net.get(settings.LETSENCRYPT_ACME_SERVER).json()
		)
		client_acme = client.ClientV2(directory, net=net)
		# Generate a new account and store account information locally
		email = getattr(settings, 'KUMQUAT_EMAIL', None)
		regr  = client_acme.new_account(
			messages.NewRegistration.from_data(
				email                   = email,
				terms_of_service_agreed = True
			)
		)
		# Store private key as json format
		with open(key_file, 'w') as f:
			f.write(key.json_dumps())
		# Store regr information as json format
		with open(reg_file, 'w') as f:
			f.write(regr.json_dumps())

	return key, regr