Mathematisches Institut der Universität Bonn

• NAME
• SYNOPSIS
• DESCRIPTION
• OPTIONS
• COMMANDS
• DEPENDENCIES
• AUTHOR
• LICENSE

NAME

haricari - minimal client for HARICA's API

SYNOPSIS

haricari [-v] [-n] [-d] [-u username] [-p password] [-b URL] [-X] [-Y certbundle] test|csr|(get|print)-format|cancel [args]

DESCRIPTION

haricari is a minimal client for HARICA's API. It currently supports uploading a CSR, downloading a certificate and canceling a request only.

OPTIONS

haricari understands the dollowing options:

-v

verbose mode. Print information on progess and SAN conversion.

-n

dry-run mode. Don't actually send the final command.

-d

debugging mode. Print internal debugging information.

-u username

use the specified username instead of prompting for it.

-p password

use the specified password instead of prompting for it (not recommended).

-b URL

use URL as the base URL for the API instead of the default https://cm.harica.gr/.

-X

don't verify SSL certificate (for the https connection to the API, that is).

-Y certbundle

use certbundle to verify the HTTPS connection to the API.

COMMANDS

The recognized commands are:

test|login

test whether the login credentials work.

csr|request csr ...

read a PKCS#10 CSR from each csr argument and, using the API, emulate something close to requesting a certificate based on the information therein.

Unfortunately, HARICA doesn't allow SANs starting with www., so in order to get a certificate for www.domain, we need to request one for domain and provide a includeWWW option, which will include domain in the SAN list. verbose mode shows what's actually requested.

Prints the transaction id(s) needed to fetch the certificate(s) after confirmation.

get-format id ...

Download the certificates with the given ids in format.

the supported formats are:

pem|certificate

certificate only in PEM format

pkcs7

PKCS#7 format

pembundle|bundle

certificate bundle in PEM format

The filename used is id.ext, where ext is .pem resp. .pkcs7 resp. .pembundle for the formats described above.

print-format id

Same as get-format, but outputs to stdout (one certificate only).

cancel id ...

cancel transactions (CSRs) with the given ids.

DEPENDENCIES

Term::ReadKey, IO::Prompter, LWP::UserAgent, HTTP::Request, HTTP::Request::Common, HTTP::Response, HTTP::Cookies, HTML::Parser, JSON, Crypt::PKCS10.

AUTHOR

Edgar Fuß, Mathematisches Institut der Universität Bonn <ef@math.uni-bonn.de>

LICENSE

This script may be redistributed and/or modified unter the same terms as Perl itself or under a 2-clause BSD licence.