Python project that will generate a CSR, request a certificate, verify domain and install CA and signed certificate on server.
Built using:
- ZeroSSL (SSL Certificate) - ZeroSSL API
- Let's Encrypt (SSL Certificate) - Let's Encrypt API
- MXToolBox (DNS Verification) - MXTOOLBOX API
- DigitalOcean (DNS Provider) - DigitalOcean API
- Cloudflare (DNS Provider) - Cloudflare API
- Cisco UC (Certificate Management) - Cisco UC API
Note: The Certification Management API supports CUCM, IM&P, CUC, and CER products with version 14 and later. Earlier versions will need to use SSH to install certificates.
Need to restart services after install. This can be done via SSH or AXL. 'utils service restart Cisco Tomcat'
Create python enviromemnt
python3 -m venv venv
source venv/bin/activate
pip3 install -r requirements.txt
Create ENV file
touch .env
Add variables to ENV file
CF_KEY=
CF_ZONE=
DO_KEY=
ZEROSSL_KEY=
MXTOOLBOX_KEY=
UC_USER=
UC_PASS=
LETSENCRYPT_EMAIL=
Run python scripts with correct flags
python3 get-cert.py --host cucm --domain cisco.com [-h] [-v] [-ca] [--ssh] [--days DAYS] [--dnsprovider PROVIDER] [--sslprovider PROVIDER]
optional arguments:
-h, --help show this help message and exit
-v, --verbose Enable verbose output
-ca Install Intermediate Certificate
--ssh Install certificate via SSH instead of API.
--days Certificate Validity Days. Defaults to 90 days. Options are 90 or 365. Note: Let's Encrypt only supports 90 days.
--dnsprovider DNS Provider. Defaults to cloudflare. Options are digitalocean or cloudflare.
--sslprovider SSL Provider. Defaults to letsencrypt. Options are zerossl or letsencrypt.
Like content like this? Check out my Medium blog for more projects.
If you would like to support my work and the time I put in creating the code, you can click the image below to get me a coffee. I would really appreciate it (but is not required).
-Jeremy Worden