Generating and download an actual certificate

[abunashir]

This request specs will go through each of the process starting from creating a new certificate order to download, more details will follow.

[abunashir]

Hi @ronaldtse , any type of create operation is throwing a server error without any error message, like trying to create an organization, domain or even order. It is same for duplicating or reissuing an existing order. Is there anything (like permission or something) we need to do allow the create operation using our API keys?

Here is a screenshot for the order-creation for a ssl-plus endpoint, could you please check it out and let me know if there is anything else we need to do differently

[ronaldtse]

Abu, I've pushed some changes to dynamically generate the CSR (to match details of the fetched organization), but I can't figure out why the 500 occurs. I'll send them an email.

On the other hand, when I was trying to find out the default container id, I found that their API also allows listing containers which wasn't documented, so I've added that section too.

[abunashir]

That's awesome Ron, I was hoping to do that but I did not know we can actually do that :), and thanks for adding the container listing details, I will extract that from this PR and merge it right.

Regarding the Digicert Response, I guess there is something on their end or we need to have some sort permission or something. Please let me know once you hear from them.

[ronaldtse]

DigiCert engineers are investigating now. In any case a 500 is not supposed to happen :-)

[ronaldtse]

Hi Abu, I've been debugging with the Digicert guys and lo and behold -- I've fixed it now. The request.initialize_http_header call should only be called once because it wipes the previous headers.

The correct way of adding headers is request["myheader"] = x.

[abunashir]

Awesome! Sorry, somehow I missed it but it's really awesome! I will continue to work on the remaining parts.

[abunashir]

Finalized Story

This commit adds a request specs, that goes through the complete order process and wait a certain time for the certificate to be issued. One then download the certificate content and save it to a temporary variable and finally revoke just created certificate

This also sets the debug_mode mode to on for actual API calls as those are expensive and it's always handy to see what's going on under the hood.

Note: We wait 10 seconds for the certificate to be approved, but still there is a possibilities that it might fail, in that case please check log or the Digicert account for details.

[ronaldtse]

@abunashir , could we also add the certificate issue + download request for the different types of certificates (ssl_wildcard, client_digital_signature_plus, etc) to ensure that those can be issued? Thanks!