
Add --list-profiles command to show CA profiles

This commit introduces a new command, `--list-profiles`, to allow users to discover the certificate profiles supported by a Certificate Authority.

The command queries the `meta.profiles` object within the ACME directory JSON for the selected server and formats the output for readability. If a CA does not publish profiles in its directory, the command reports that none were found.

Usage:
  acme.sh --list-profiles [--server letsencrypt]
Steven Zhu 3 weeks ago
parent
commit
b244c76dd5
1 changed files with 49 additions and 0 deletions
  1. 49 0
      acme.sh

+ 49 - 0
acme.sh

@@ -5838,6 +5838,49 @@ list() {
 
 }
 
+list_profiles() {
+  _initpath
+  _initAPI
+
+  _l_server_url="$ACME_DIRECTORY"
+  _l_server_name="$(_getCAShortName "$_l_server_url")"
+  _info "Fetching profiles from $_l_server_name ($_l_server_url)..."
+
+  # _initAPI fetches the directory, so we just need to parse its response.
+  response=$(_get "$_l_server_url" "" 10)
+  if [ "$?" != "0" ]; then
+    _err "Failed to connect to CA directory: $_l_server_url"
+    return 1
+  fi
+
+  # Isolate the profiles object using the script's regex tool
+  profiles_json=$(echo "$response" | _egrep_o '"profiles" *: *\{[^\}]*\}')
+
+  if [ -z "$profiles_json" ]; then
+    _info "The CA '$_l_server_name' does not publish certificate profiles via its directory endpoint."
+    return 0
+  fi
+
+  # Strip the outer layer to get the key-value pairs
+  profiles_kv=$(echo "$profiles_json" | sed 's/"profiles" *: *{//' | sed 's/}$//' | tr ',' '\n')
+
+  printf "\n%-15s %s\n" "name" "info"
+  printf -- "--------------------------------------------------------------------\n"
+
+  _old_IFS="$IFS"
+  IFS='
+'
+  for pair in $profiles_kv; do
+    # Trim quotes and whitespace
+    _name=$(echo "$pair" | cut -d: -f1 | tr -d '" \t')
+    _info_url=$(echo "$pair" | cut -d: -f2- | sed 's/^ *//' | tr -d '"')
+    printf "%-15s %s\n" "$_name" "$_info_url"
+  done
+  IFS="$_old_IFS"
+
+  return 0
+}
+
 _deploy() {
   _d="$1"
   _hooks="$2"
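Review bot: The parsing in `list_profiles` works on server-supplied JSON and misreads ordinary values. `tr ',' '\n'` splits on every comma, so a profile description that contains a comma is printed as extra bogus rows. In `[^\}]*` the backslash is a literal inside the bracket expression, so a value carrying a JSON escape such as `\/` stops the match and the CA is reported as publishing no profiles. I would write the class as `[^}]*` and split only on the comma that sits between a closing and an opening quote. Separately, the comment above the `_get` call says `_initAPI` already fetched the directory, yet the code fetches it again; whether `_initAPI` keeps the raw response is not visible in this hunk, so either reuse it or reword the comment to `# Fetch the directory again to read meta.profiles.`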
@@ -7498,6 +7541,9 @@ _process() {
     --set-default-chain)
       _CMD="setdefaultchain"
       ;;
+    --list-profiles)
+      _CMD="list_profiles"
+      ;;      
     -d | --domain)
       _dvalue="$2"
 
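Review bot: The added `;;` after `_CMD="list_profiles"` is followed by trailing spaces, and the same happens after the `list_profiles` call in the dispatch hunk further down. Both lines should end at `;;` so a formatter or whitespace check does not flag them. The enclosing `_process` function starts and ends outside these hunks.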
@@ -8063,6 +8109,9 @@ _process() {
   setdefaultchain)
     setdefaultchain "$_preferred_chain"
     ;;
+  list_profiles)
+    list_profiles
+    ;;    
   *)
     if [ "$_CMD" ]; then
       _err "Invalid command: $_CMD"