certbot.cert_manager

Tools for managing certificates.

Update the certificate file family symlinks to use archive_dir.

Use the information in the config file to make symlinks point to the correct archive directory.

Note

This assumes that the installation is using a Reverter object.

Parameters:config (certbot.configuration.NamespaceConfig) – Configuration.
certbot.cert_manager.rename_lineage(config)[source]

Rename the specified lineage to the new name.

Parameters:config (certbot.configuration.NamespaceConfig) – Configuration.
certbot.cert_manager.certificates(config)[source]

Display information about certs configured with Certbot

Parameters:config (certbot.configuration.NamespaceConfig) – Configuration.
certbot.cert_manager.delete(config)[source]

Delete Certbot files associated with a certificate lineage.

certbot.cert_manager.lineage_for_certname(cli_config, certname)[source]

Find a lineage object with name certname.

certbot.cert_manager.domains_for_certname(config, certname)[source]

Find the domains in the cert with name certname.

certbot.cert_manager.find_duplicative_certs(config, domains)[source]

Find existing certs that match the given domain names.

This function searches for certificates whose domains are equal to the domains parameter and certificates whose domains are a subset of the domains in the domains parameter. If multiple certificates are found whose names are a subset of domains, the one whose names are the largest subset of domains is returned.

If multiple certificates’ domains are an exact match or equally sized subsets, which matching certificates are returned is undefined.

Parameters:
Returns:

lineages representing the identically matching cert and the largest subset if they exist
Return type:

tuple of storage.RenewableCert or None
certbot.cert_manager._archive_files(candidate_lineage, filetype)[source]

In order to match things like: /etc/letsencrypt/archive/example.com/chain1.pem.

Anonymous functions which call this function are eventually passed (in a list) to match_and_check_overlaps to help specify the acceptable_matches.

Parameters:
  • candidate_lineage (storage.RenewableCert) – Lineage whose archive dir is to be searched.
  • filetype (str) – main file name prefix e.g. “fullchain” or “chain”.
Returns:

Files in candidate_lineage’s archive dir that match the provided filetype.
Return type:

list of str or None
certbot.cert_manager._acceptable_matches()[source]

Generates the list that’s passed to match_and_check_overlaps. Is its own function to make unit testing easier.

Returns:list of functions
Return type:list
certbot.cert_manager.cert_path_to_lineage(cli_config)[source]

If config.cert_path is defined, try to find an appropriate value for config.certname.

Parameters:

cli_config (configuration.NamespaceConfig) – parsed command line arguments
Returns:

a lineage name
Return type:

str
Raises:
certbot.cert_manager.match_and_check_overlaps(cli_config, acceptable_matches, match_func, rv_func)[source]

Searches through all lineages for a match, and checks for duplicates. If a duplicate is found, an error is raised, as performing operations on lineages that have their properties incorrectly duplicated elsewhere is probably a bad idea.

Parameters:
  • cli_config (configuration.NamespaceConfig) – parsed command line arguments
  • acceptable_matches (list) – a list of functions that specify acceptable matches
  • match_func (function) – specifies what to match
  • rv_func (function) – specifies what to return
certbot.cert_manager.human_readable_cert_info(config, cert, skip_filter_checks=False)[source]

Returns a human readable description of info about a RenewableCert object

certbot.cert_manager._get_certnames(config, verb, allow_multiple=False)[source]

Get certname from flag, interactively, or error out.

certbot.cert_manager._report_lines(msgs)[source]

Format a results report for a category of single-line renewal outcomes

certbot.cert_manager._report_human_readable(config, parsed_certs)[source]

Format a results report for a parsed cert

certbot.cert_manager._describe_certs(config, parsed_certs, parse_failures)[source]

Print information about the certs we know about

certbot.cert_manager._search_lineages(cli_config, func, initial_rv, *args)[source]

Iterate func over unbroken lineages, allowing custom return conditions.

Allows flexible customization of return values, including multiple return values and complex checks.

Parameters:
  • cli_config (configuration.NamespaceConfig) – parsed command line arguments
  • func (function) – function used while searching over lineages
  • initial_rv – initial return value of the function (any type)
Returns:

Whatever was specified by func if a match is found.