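/**
 * End-to-end run of the client: register an account, request authorization
 * for a domain, answer the http-01 challenge, then request a certificate.
 *
 * The URLs used below point at local test endpoints (boulder:4000 / 127.0.0.1:4000).
 */
public function testFullProcess()
{
    /*
     * Register account
     */
    $data = $this->client->registerAccount('http://boulder:4000/terms/v1');

    $this->assertInternalType('array', $data);
    $this->assertArrayHasKey('id', $data);
    $this->assertArrayHasKey('key', $data);
    $this->assertArrayHasKey('initialIp', $data);
    $this->assertArrayHasKey('createdAt', $data);

    $solver = new SimpleHttpSolver();

    /*
     * Ask for domain challenge
     */
    $challenges = $this->client->requestAuthorization('acmephp.com');

    // Select the http-01 challenge explicitly. Relying on the loop variable
    // after the loop would silently hand the last challenge of any type to the
    // HTTP solver when no http-01 challenge is offered, and would leave the
    // variable undefined when the list is empty.
    $challenge = null;
    foreach ($challenges as $candidate) {
        if ('http-01' === $candidate->getType()) {
            $challenge = $candidate;
            break;
        }
    }

    $this->assertNotNull($challenge, 'No http-01 challenge was offered for acmephp.com');
    $this->assertInstanceOf(AuthorizationChallenge::class, $challenge);
    $this->assertEquals('http-01', $challenge->getType());
    $this->assertEquals('acmephp.com', $challenge->getDomain());
    $this->assertContains('http://127.0.0.1:4000/acme/challenge', $challenge->getUrl());

    $solver->solve($challenge);

    /*
     * Challenge check
     */
    // createServerProcess() is defined elsewhere in this class; presumably it
    // serves the challenge response while the server validates it.
    $process = $this->createServerProcess($challenge);
    $process->start();

    $this->assertTrue($process->isRunning());

    try {
        $check = $this->client->challengeAuthorization($challenge);
        $this->assertEquals('valid', $check['status']);
    } finally {
        // Always stop the helper process, even when the assertion above fails.
        $process->stop();
    }

    /*
     * Request certificate
     */
    // A fresh key pair is generated for this certificate request.
    $csr = new CertificateRequest(new DistinguishedName('acmephp.com'), (new KeyPairGenerator())->generateKeyPair());
    $response = $this->client->requestCertificate('acmephp.com', $csr);

    // The response must echo the CSR and carry both the issued certificate
    // and its issuer certificate.
    $this->assertInstanceOf(CertificateResponse::class, $response);
    $this->assertEquals($csr, $response->getCertificateRequest());
    $this->assertInstanceOf(Certificate::class, $response->getCertificate());
    $this->assertInstanceOf(Certificate::class, $response->getCertificate()->getIssuerCertificate());
}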
/**
 * Renew the certificate of a domain.
 *
 * Unless the "force" option is set, the renewal is skipped when the current
 * certificate is still valid for a week or more. Any failure is reported to
 * the monitoring logger at alert level and is not rethrown from this method.
 *
 * @param string $domain
 * @param array  $alternativeNames
 */
private function executeRenewal($domain, array $alternativeNames)
{
    /** @var LoggerInterface $monitoringLogger */
    $monitoringLogger = $this->getContainer()->get('monitoring_factory')->createLogger();

    try {
        // The current certificate is loaded before the "force" option is read,
        // so a failure to load it aborts a forced renewal as well.
        $currentCertificate = $this->repository->loadDomainCertificate($domain);

        if ($this->input->getOption('force')) {
            $this->output->writeln('<info>Forced renewal.</info>');
        } else {
            /** @var ParsedCertificate $parsed */
            $parsed = $this->getContainer()->get('ssl.certificate_parser')->parse($currentCertificate);

            // Renewal window: 604800 seconds, i.e. 7 days before expiry.
            $renewalWindow = 604800;
            $secondsLeft = $parsed->getValidTo()->format('U') - time();
            $validUntil = $parsed->getValidTo()->format('Y-m-d H:i:s');
            $logContext = ['domain' => $domain, 'valid_until' => $validUntil];

            if ($secondsLeft >= $renewalWindow) {
                // Still outside the renewal window: nothing to do.
                $monitoringLogger->debug('Certificate does not need renewal', $logContext);
                $this->output->writeln(sprintf('<info>Current certificate is valid until %s, renewal is not necessary. Use --force to force renewal.</info>', $validUntil));

                return;
            }

            $monitoringLogger->debug('Certificate needs renewal', $logContext);
            $this->output->writeln(sprintf('<info>Current certificate will expire in less than a week (%s), renewal is required.</info>', $validUntil));
        }

        // Key pair: the stored domain key pair is loaded and reused for the new
        // CSR; no new key is generated in this method.
        $this->output->writeln('Loading domain key pair...');
        $keyPair = $this->repository->loadDomainKeyPair($domain);

        // Distinguished name
        $this->output->writeln('Loading domain distinguished name...');
        $subject = $this->getOrCreateDistinguishedName($domain, $alternativeNames);

        // Renewal
        $this->output->writeln(sprintf('Renewing certificate for domain %s ...', $domain));
        $request = new CertificateRequest($subject, $keyPair);
        $certificateResponse = $this->client->requestCertificate($domain, $request);

        $this->repository->storeDomainCertificate($domain, $certificateResponse->getCertificate());

        // Post-generate actions
        $this->output->writeln('Running post-generate actions...');
        $this->actionHandler->handle($certificateResponse);

        $this->output->writeln('<info>Certificate renewed successfully!</info>');
        $monitoringLogger->info('Certificate renewed successfully', ['domain' => $domain]);
    } catch (\Exception $e) {
        // NOTE(review): the failure only reaches the monitoring logger; nothing
        // is written to the console output and nothing is rethrown, so the
        // caller cannot tell that the renewal failed. Confirm that alerting on
        // this logger is in place.
        $monitoringLogger->alert('A critical error occured during certificate renewal', ['exception' => $e]);
    } catch (\Throwable $e) {
        // Same handling for errors that are not \Exception; the separate catch
        // is presumably kept for PHP versions without \Throwable (confirm).
        $monitoringLogger->alert('A critical error occured during certificate renewal', ['exception' => $e]);
    }
}