diff --git a/letsencrypt/cli.py b/letsencrypt/cli.py index 311c212e8..515be4640 100644 --- a/letsencrypt/cli.py +++ b/letsencrypt/cli.py @@ -206,7 +206,7 @@ def install(args, config, plugins): return "Installer could not be determined" domains = _find_domains(args, installer) acme = _init_acme(config, acc, authenticator=None, installer=installer) - assert args.cert_path is not None + assert args.cert_path is not None # required=True in the subparser acme.deploy_certificate(domains, acc.key.file, args.cert_path, args.chain_path) acme.enhance_config(domains, args.redirect) @@ -488,7 +488,7 @@ def create_parser(plugins, args): add_subparser("run", run) parser_auth = add_subparser("auth", auth) - add_subparser("install", install) + parser_install = add_subparser("install", install) parser_revoke = add_subparser("revoke", revoke) parser_rollback = add_subparser("rollback", rollback) add_subparser("config_changes", config_changes) @@ -503,6 +503,12 @@ def create_parser(plugins, args): "--chain-path", default=flag_default("chain_path"), help="When using --csr this is where certificate chain is saved.") + parser_install.add_argument( + "--cert-path", required=True, help="Path to a certificate that " + "is going to be installed.") + parser_install.add_argument( + "--chain-path", help="Accompanying path to a certificate chain.") + parser_plugins = add_subparser("plugins", plugins_cmd) parser_plugins.add_argument("--init", action="store_true") parser_plugins.add_argument("--prepare", action="store_true") diff --git a/tests/boulder-integration.sh b/tests/boulder-integration.sh index 0b5113215..decba5859 100755 --- a/tests/boulder-integration.sh +++ b/tests/boulder-integration.sh @@ -25,16 +25,17 @@ common() { common --domains le1.wtf auth common --domains le2.wtf run -common --domains le3.wtf install export CSR_PATH="${root}/csr.der" OPENSSL_CNF=examples/openssl.cnf -./examples/generate-csr.sh le4.wtf +./examples/generate-csr.sh le3.wtf common auth --csr "$CSR_PATH" \ --cert-path "${root}/csr/cert.pem" \ --chain-path "${root}/csr/chain.pem" openssl x509 -in "${root}/csr/0000_cert.pem" -text openssl x509 -in "${root}/csr/0000_chain.pem" -text +common --domain le3.wtf install --cert-path "${root}/csr/cert.pem" + # the following assumes that Boulder issues certificates for less than # 10 years, otherwise renewal will not take place cat < "$root/conf/renewer.conf"