Hi,
I’m currently working on an automated solution to have Nginx as a reverse proxy for all HTTPS traffic. But for this solution to be feasible, my script need to be able to get the current installed SSL on a domain.
Currently, I can easily parse through the ssl.db file from each hosting, but the problem occurs when some of those file show more than one installed SSL for the same domain. Here an example of an output I get with the UAPI which if giving me the same result as the ssl.db yaml file:
My question id how can I get the actual installed SSL for the hosting? Even the uapi SSL:: fetch_best_for_domain (uapi --user=myuser SSL fetch_best_for_domain domain=example.com) function didn’t return the same SSL that is listing inside the user cPanel GUI interface.
I’m currently working on an automated solution to have Nginx as a reverse proxy for all HTTPS traffic. But for this solution to be feasible, my script need to be able to get the current installed SSL on a domain.
Currently, I can easily parse through the ssl.db file from each hosting, but the problem occurs when some of those file show more than one installed SSL for the same domain. Here an example of an output I get with the UAPI which if giving me the same result as the ssl.db yaml file:
Code:
[email protected] [/home/mca/ssl]# uapi --user=mca SSL list_certs
---
apiversion: 3
func: list_certs
module: SSL
result:
data:
-
created: '1462902596'
domain_is_configured: 1
domains:
- www.example.com
- example.com
friendly_name: www.example.com and example.com 2
id: www_example_com_d3b4a_...
is_self_signed: 0
issuer.commonName: GeoTrust EV SSL CA - G4
issuer.organizationName: GeoTrust Inc.
issuer_text: "\nGeoTrust EV SSL CA - G4"
modulus: d....
modulus_length: 4096
not_after: '1528588799'
not_before: '1462838400'
signature_algorithm: sha256WithRSAEncryption
subject.commonName: www.m105.ca
subject_text: "..."
validation_type: ev
-
created: '1517513665'
domain_is_configured: 1
domains:
- www.example.com
- mexample.com
friendly_name: Cert for “example.com”
id: www_example5_com_c0061_...
is_self_signed: 0
issuer.commonName: GeoTrust EV RSA CA 2018
issuer.organizationName: DigiCert Inc
issuer_text: "\nwww.digicert.com\ncommonName\nGeoTrust EV RSA CA 2018"
modulus: c.....
modulus_length: 4096
not_after: '1528545600'
not_before: '1517443200'
signature_algorithm: sha256WithRSAEncryption
subject.commonName: www.example.com
subject_text: "..."
validation_type: ev
errors: ~
messages: ~
metadata:
transformed: 1
status: 1