search

Kong / kong-plugin-acme

Let's Encrypt and ACMEv2 integration with Kong - this plugin has been moved into https://github.com/Kong/kong, please open issues and PRs in that repo
Apache License 2.0
36 stars 10 forks source link

feat(apis) add endpoint to list certificates from storage #49

Closed fffonion closed 4 years ago

fffonion commented 4 years ago

New endpoints /acme/certificates and /acme/certificates/:certificates is added to allow user to peek the certificate created by this plugin. When running Kong in database mode, those endpoint returns certificate entity from Kong's database; in dbless mode, data from configured storage is returned.

Those endpoints are readonly, no update/delete is allowed at this time.

Sample output:

curl localhost:8001/acme/certificates |jq
{
  "data": [
    {
      "host": "x62357a8893cc.yyy.xxx",
      "not_before": "2020-09-08 11:01:53",
      "issuer_cn": "Fake LE Intermediate X1",
      "pubkey_type": "rsaEncryption",
      "valid": true,
      "serial_number": "FA:2E:45:37:38:3E:FC:AA:9A:45:7D:4F:20:F6:53:93:B0:26",
      "digest": "AF:20:65:2C:28:99:5A:5A:4A:2B:F2:F1:B3:FD:F3:35:3D:E9:D2:8A",
      "not_after": "2020-12-07 11:01:53"
    },
    {
      "host": "x62357a8893cc.yyy.xxx",
      "not_before": "2020-09-08 11:01:22",
      "issuer_cn": "Fake LE Intermediate X1",
      "pubkey_type": "rsaEncryption",
      "valid": true,
      "serial_number": "FA:CD:52:DA:AC:02:E3:10:2C:C3:5D:B4:48:A2:04:A8:73:BE",
      "digest": "84:58:D4:79:24:ED:22:AE:15:B1:55:99:4B:1C:5C:CD:12:B2:53:57",
      "not_after": "2020-12-07 11:01:22"
    },
    {
      "host": "x62357a8893cc.yyy.xxx"
      "not_before": "2020-09-08 11:05:08",
      "issuer_cn": "Fake LE Intermediate X1",
      "pubkey_type": "id-ecPublicKey",
      "valid": true,
      "serial_number": "FA:70:E5:71:2E:CA:04:84:E7:3F:00:3C:08:EC:5B:07:EF:E7",
      "digest": "67:9F:A8:D6:67:D5:03:B8:1F:A8:BE:C4:80:CC:2F:37:42:6D:18:3F",
      "not_after": "2020-12-07 11:05:08"
    }
  ]
}

curl localhost:8001/acme/certificates/x62357a8893cc.yyy.xxx |jq
{
  "data": {
    "host": "x62357a8893cc.yyy.xxx",
    "not_before": "2020-09-08 11:01:53",
    "issuer_cn": "Fake LE Intermediate X1",
    "pubkey_type": "rsaEncryption",
    "valid": true,
    "serial_number": "FA:2E:45:37:38:3E:FC:AA:9A:45:7D:4F:20:F6:53:93:B0:26",
    "digest": "AF:20:65:2C:28:99:5A:5A:4A:2B:F2:F1:B3:FD:F3:35:3D:E9:D2:8A",
    "not_after": "2020-12-07 11:01:53"
  }
}