Add SSL.com provider

2024-01-09 17:45:35 +02:00 · 2024-01-09 17:45:35 +02:00 · 5096650c47
parent 216d30b600
commit 5096650c47
10 changed files with 122 additions and 2 deletions
--- a/acme4j-client/src/main/java/module-info.java
+++ b/acme4j-client/src/main/java/module-info.java
@ -37,5 +37,6 @@ module org.shredzone.acme4j {
    provides org.shredzone.acme4j.provider.AcmeProvider
            with org.shredzone.acme4j.provider.GenericAcmeProvider,
                 org.shredzone.acme4j.provider.letsencrypt.LetsEncryptAcmeProvider,
+                 org.shredzone.acme4j.provider.sslcom.SslComAcmeProvider,
                 org.shredzone.acme4j.provider.pebble.PebbleAcmeProvider;
 }
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/provider/sslcom/SslComAcmeProvider.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/provider/sslcom/SslComAcmeProvider.java
@ -0,0 +1,64 @@
+/*
+ * acme4j - Java ACME client
+ *
+ * Copyright (C) 2015 Richard "Shred" Körber
+ *   http://acme4j.shredzone.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+package org.shredzone.acme4j.provider.sslcom;
+
+import java.net.MalformedURLException;
+import java.net.URI;
+import java.net.URL;
+
+import org.shredzone.acme4j.exception.AcmeProtocolException;
+import org.shredzone.acme4j.provider.AbstractAcmeProvider;
+import org.shredzone.acme4j.provider.AcmeProvider;
+
+/**
+ * An {@link AcmeProvider} for <em>SSL.com</em>.
+ * <p>
+ * The {@code serverUri} is {@code "acme://ssl.com"} for the production server,
+ * and {@code "acme://acme-try.ssl.com"} for a testing server.
+ * <p>
+ * If you want to use <em>SSL.com</em>, always prefer to use this provider.
+ *
+ * @see <a href="https://ssl.com/">SSL.com</a>
+ */
+public class SslComAcmeProvider extends AbstractAcmeProvider {
+
+    private static final String V02_DIRECTORY_URL = "https://acme.ssl.com/sslcom-dv-ecc";
+    private static final String STAGING_DIRECTORY_URL = "https://acme-try.ssl.com/sslcom-dv-ecc";
+
+    @Override
+    public boolean accepts(URI serverUri) {
+        return "acme".equals(serverUri.getScheme())
+                && "ssl.com".equals(serverUri.getHost());
+    }
+
+    @Override
+    public URL resolve(URI serverUri) {
+        var path = serverUri.getPath();
+        String directoryUrl;
+        if (path == null || "".equals(path) || "/".equals(path) || "/v02".equals(path)) {
+            directoryUrl = V02_DIRECTORY_URL;
+        } else if ("/staging".equals(path)) {
+            directoryUrl = STAGING_DIRECTORY_URL;
+        } else {
+            throw new IllegalArgumentException("Unknown URI " + serverUri);
+        }
+
+        try {
+            return new URL(directoryUrl);
+        } catch (MalformedURLException ex) {
+            throw new AcmeProtocolException(directoryUrl, ex);
+        }
+    }
+
+}
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/provider/sslcom/package-info.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/provider/sslcom/package-info.java
@ -0,0 +1,29 @@
+/*
+ * acme4j - Java ACME client
+ *
+ * Copyright (C) 2020 Richard "Shred" Körber
+ *   http://acme4j.shredzone.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/**
+ * This package contains the SSL.com
+ * {@link org.shredzone.acme4j.provider.AcmeProvider}.
+ *
+ * @see <a href="https://ssl.com/">SSL.com</a>
+ */
+@ReturnValuesAreNonnullByDefault
+@DefaultAnnotationForParameters(NonNull.class)
+@DefaultAnnotationForFields(NonNull.class)
+package org.shredzone.acme4j.provider.sslcom;
+
+import edu.umd.cs.findbugs.annotations.DefaultAnnotationForFields;
+import edu.umd.cs.findbugs.annotations.DefaultAnnotationForParameters;
+import edu.umd.cs.findbugs.annotations.NonNull;
+import edu.umd.cs.findbugs.annotations.ReturnValuesAreNonnullByDefault;
--- a/acme4j-client/src/main/resources/META-INF/services/org.shredzone.acme4j.provider.AcmeProvider
+++ b/acme4j-client/src/main/resources/META-INF/services/org.shredzone.acme4j.provider.AcmeProvider
@ -4,3 +4,6 @@ org.shredzone.acme4j.provider.letsencrypt.LetsEncryptAcmeProvider

 # Pebble (ACME Test Server): https://github.com/letsencrypt/pebble
 org.shredzone.acme4j.provider.pebble.PebbleAcmeProvider
+
+# SSL.com: https://ssl.com
+org.shredzone.acme4j.provider.sslcom.SslComAcmeProvider
--- a/src/doc/docs/ca/index.md
+++ b/src/doc/docs/ca/index.md
@ -8,6 +8,7 @@ The _acme4j_ package contains these providers:

 * [Let's Encrypt](letsencrypt.md)
 * [Pebble](pebble.md)
+* [SSL.com](sslcom.md)

 More CAs may be supported in future releases of _acme4j_.

--- a/src/doc/docs/ca/sslcom.md
+++ b/src/doc/docs/ca/sslcom.md
@ -0,0 +1,8 @@
+# SSL.com
+
+Web site: [SSL.com](https://ssl.com)
+
+## Connection URIs
+
+* `acme://ssl.com` - Production server
+* `acme://ssl.com/staging` - Testing server
--- a/src/doc/docs/development/provider.md
+++ b/src/doc/docs/development/provider.md
@ -6,11 +6,15 @@ Basically, it is possible to connect to any kind of ACME server just by connecti
 Session session = new Session("https://acme-v02.api.letsencrypt.org/directory");
 ```

-ACME providers are "plug-ins" to _acme4j_ that are specialized on a single CA. For example, the _Let's Encrypt_ provider offers URIs that are much easier to remember. The example above would look like this:
+ACME providers are "plug-ins" to _acme4j_ that are specialized on a single CA. For example, the _Let's Encrypt_ and _SSL.com_ providers offers URIs that are much easier to remember. The example above would look like this:

 ```java
 Session session = new Session("acme://letsencrypt.org");
 ```
+or this:
+```java
+Session session = new Session("acme://ssl.com");
+```

 ## Writing your own Provider

--- a/src/doc/docs/faq.md
+++ b/src/doc/docs/faq.md
@ -70,4 +70,5 @@ You can still revoke certificates without account key pair though, see [here](us
 ## Where can I find more help?

 * [Let's Encrypt Documentation](https://letsencrypt.org/docs/)
-* [Let's Encrypt Community](https://community.letsencrypt.org/) - If the question is _acme4j_ related, please mention it in your post.
+* [Let's Encrypt Community](https://community.letsencrypt.org/) - If the question is _acme4j_ related, please mention it in your post.
+* [SSL.com Knowledgebase](https://www.ssl.com/info/)
--- a/src/doc/docs/usage/connecting.md
+++ b/src/doc/docs/usage/connecting.md
@ -22,6 +22,10 @@ Such an URI is hard to remember and might even change in the future. For this re
 ```java
 Session session = new Session("acme://letsencrypt.org/staging");
 ```
+or
+```java
+Session session = new Session("acme://ssl.com/staging");
+```

 Instead of a generic provider, this call uses a specialized _Let's Encrypt_ provider.

@ -32,6 +36,10 @@ To use the _Let's Encrypt_ production server, you only need to change the ACME U
 ```java
 Session session = new Session("acme://letsencrypt.org");
 ```
+or to use the _SSL.com_ production server:
+```java
+Session session = new Session("acme://ssl.com");
+```

 ## Metadata

--- a/src/doc/mkdocs.yml
+++ b/src/doc/mkdocs.yml
@ -44,6 +44,7 @@ nav:
    - 'ca/index.md'
    - 'ca/letsencrypt.md'
    - 'ca/pebble.md'
+    - 'ca/sslcom.md'
  - Development:
    - 'development/index.md'
    - 'development/provider.md'