salt.modules.namecheap_ssl module

Namecheap SSL Certificate Management

New in version 2017.7.0.

Prerequisites

This module uses the requests Python module to communicate to the namecheap API.

Configuration

The Namecheap username, API key and URL should be set in the minion configuration file, or in the Pillar data.

namecheap.name: companyname
namecheap.key: a1b2c3d4e5f67a8b9c0d1e2f3
namecheap.client_ip: 162.155.30.172
#Real url
namecheap.url: https://api.namecheap.com/xml.response
#Sandbox url
#namecheap.url: https://api.sandbox.namecheap.xml.response
salt.modules.namecheap_ssl.activate(csr_file, certificate_id, web_server_type, approver_email=None, http_dc_validation=False, **kwargs)

Activates a newly-purchased SSL certificate. Returns a dictionary of result values.

csr_file

Path to Certificate Signing Request file

certificate_id

Unique ID of the SSL certificate you wish to activate

web_server_type

The type of certificate format to return. Possible values include:

  • apache2

  • apacheapachessl

  • apacheopenssl

  • apacheraven

  • apachessl

  • apachessleay

  • c2net

  • cobaltseries

  • cpanel

  • domino

  • dominogo4625

  • dominogo4626

  • ensim

  • hsphere

  • ibmhttp

  • iis

  • iis4

  • iis5

  • iplanet

  • ipswitch

  • netscape

  • other

  • plesk

  • tomcat

  • weblogic

  • website

  • webstar

  • zeusv3

approver_email

The email ID which is on the approver email list.

Note

http_dc_validation must be set to False if this option is used.

http_dc_validationFalse

Whether or not to activate using HTTP-based validation.

Note

For other parameters which may be required, see here.

CLI Example:

salt 'my-minion' namecheap_ssl.activate my-csr-file my-cert-id apachessl
salt.modules.namecheap_ssl.create(years, certificate_type, promotion_code=None, sans_to_add=None)

Creates a new SSL certificate. Returns the following information:

  • Whether or not the SSL order was successful

  • The certificate ID

  • The order ID

  • The transaction ID

  • The amount charged for the order

  • The date on which the certificate was created

  • The date on which the certificate will expire

  • The type of SSL certificate

  • The number of years for which the certificate was purchased

  • The current status of the SSL certificate

years1

Number of years to register

certificate_type

Type of SSL Certificate. Possible values include:

  • EV Multi Domain SSL

  • EV SSL

  • EV SSL SGC

  • EssentialSSL

  • EssentialSSL Wildcard

  • InstantSSL

  • InstantSSL Pro

  • Multi Domain SSL

  • PositiveSSL

  • PositiveSSL Multi Domain

  • PositiveSSL Wildcard

  • PremiumSSL

  • PremiumSSL Wildcard

  • QuickSSL Premium

  • RapidSSL

  • RapidSSL Wildcard

  • SGC Supercert

  • SSL Web Server

  • SSL Webserver EV

  • SSL123

  • Secure Site

  • Secure Site Pro

  • Secure Site Pro with EV

  • Secure Site with EV

  • True BusinessID

  • True BusinessID Multi Domain

  • True BusinessID Wildcard

  • True BusinessID with EV

  • True BusinessID with EV Multi Domain

  • Unified Communications

promotional_code

An optional promo code to use when creating the certificate

sans_to_add0

This parameter defines the number of add-on domains to be purchased in addition to the default number of domains included with a multi-domain certificate. Each certificate that supports SANs has the default number of domains included. You may check the default number of domains included and the maximum number of domains that can be added to it in the table below.

Provider

Product name

Default number of domains (domain from CSR is counted here)

Maximum number of total domains

Maximum number of domains that can be passed in sans_to_add parameter

Comodo

PositiveSSL Multi-Domain

3

100

97

Comodo

Multi-Domain SSL

3

100

97

Comodo

EV Multi- Domain SSL

3

100

97

Comodo

Unified Communications

3

100

97

GeoTrust

QuickSSL Premium

1

1 domain + 4 subdomains

The only supported value is 4

GeoTrust

True BusinessID with EV Multi-Domain

5

25

20

GeoTrust

True Business ID Multi- Domain

5

25

20

Thawte

SSL Web Server

1

25

24

Thawte

SSL Web Server with EV

1

25

24

Thawte

SGC Supercerts

1

25

24

Symantec

Secure Site Pro with EV

1

25

24

Symantec

Secure Site with EV

1

25

24

Symantec

Secure Site

1

25

24

Symantec

Secure Site Pro

1

25

24

CLI Example:

salt 'my-minion' namecheap_ssl.create 2 RapidSSL
salt.modules.namecheap_ssl.get_info(certificate_id, returncertificate=False, returntype=None)

Retrieves information about the requested SSL certificate. Returns a dictionary of information about the SSL certificate with two keys:

  • ssl - Contains the metadata information

  • certificate - Contains the details for the certificate such as the CSR, Approver, and certificate data

certificate_id

Unique ID of the SSL certificate

returncertificateFalse

Set to True to ask for the certificate in response

returntype

Optional type for the returned certificate. Can be either "Individual" (for X.509 format) or "PKCS7"

Note

Required if returncertificate is True

CLI Example:

salt 'my-minion' namecheap_ssl.get_info my-cert-id
salt.modules.namecheap_ssl.get_list(**kwargs)

Returns a list of SSL certificates for a particular user

ListTypeAll

Possible values:

  • All

  • Processing

  • EmailSent

  • TechnicalProblem

  • InProgress

  • Completed

  • Deactivated

  • Active

  • Cancelled

  • NewPurchase

  • NewRenewal

SearchTerm

Keyword to look for on the SSL list

Page1

Page number to return

PageSize20

Total number of SSL certificates to display per page (minimum: 10, maximum: 100)

SoryBy

One of PURCHASEDATE, PURCHASEDATE_DESC, SSLTYPE, SSLTYPE_DESC, EXPIREDATETIME, EXPIREDATETIME_DESC, Host_Name, or Host_Name_DESC

CLI Example:

salt 'my-minion' namecheap_ssl.get_list Processing
salt.modules.namecheap_ssl.parse_csr(csr_file, certificate_type, http_dc_validation=False)

Parses the CSR. Returns a dictionary of result values.

csr_file

Path to Certificate Signing Request file

certificate_type

Type of SSL Certificate. Possible values include:

  • EV Multi Domain SSL

  • EV SSL

  • EV SSL SGC

  • EssentialSSL

  • EssentialSSL Wildcard

  • InstantSSL

  • InstantSSL Pro

  • Multi Domain SSL

  • PositiveSSL

  • PositiveSSL Multi Domain

  • PositiveSSL Wildcard

  • PremiumSSL

  • PremiumSSL Wildcard

  • QuickSSL Premium

  • RapidSSL

  • RapidSSL Wildcard

  • SGC Supercert

  • SSL Web Server

  • SSL Webserver EV

  • SSL123

  • Secure Site

  • Secure Site Pro

  • Secure Site Pro with EV

  • Secure Site with EV

  • True BusinessID

  • True BusinessID Multi Domain

  • True BusinessID Wildcard

  • True BusinessID with EV

  • True BusinessID with EV Multi Domain

  • Unified Communications

http_dc_validationFalse

Set to True if a Comodo certificate and validation should be done with files instead of emails and to return the info to do so

CLI Example:

salt 'my-minion' namecheap_ssl.parse_csr my-csr-file PremiumSSL
salt.modules.namecheap_ssl.reissue(csr_file, certificate_id, web_server_type, approver_email=None, http_dc_validation=False, **kwargs)

Reissues a purchased SSL certificate. Returns a dictionary of result values.

csr_file

Path to Certificate Signing Request file

certificate_id

Unique ID of the SSL certificate you wish to activate

web_server_type

The type of certificate format to return. Possible values include:

  • apache2

  • apacheapachessl

  • apacheopenssl

  • apacheraven

  • apachessl

  • apachessleay

  • c2net

  • cobaltseries

  • cpanel

  • domino

  • dominogo4625

  • dominogo4626

  • ensim

  • hsphere

  • ibmhttp

  • iis

  • iis4

  • iis5

  • iplanet

  • ipswitch

  • netscape

  • other

  • plesk

  • tomcat

  • weblogic

  • website

  • webstar

  • zeusv3

approver_email

The email ID which is on the approver email list.

Note

http_dc_validation must be set to False if this option is used.

http_dc_validationFalse

Whether or not to activate using HTTP-based validation.

Note

For other parameters which may be required, see here.

CLI Example:

salt 'my-minion' namecheap_ssl.reissue my-csr-file my-cert-id apachessl
salt.modules.namecheap_ssl.renew(years, certificate_id, certificate_type, promotion_code=None)

Renews an SSL certificate if it is ACTIVE and Expires <= 30 days. Returns the following information:

  • The certificate ID

  • The order ID

  • The transaction ID

  • The amount charged for the order

years1

Number of years to register

certificate_id

Unique ID of the SSL certificate you wish to renew

certificate_type

Type of SSL Certificate. Possible values include:

  • EV Multi Domain SSL

  • EV SSL

  • EV SSL SGC

  • EssentialSSL

  • EssentialSSL Wildcard

  • InstantSSL

  • InstantSSL Pro

  • Multi Domain SSL

  • PositiveSSL

  • PositiveSSL Multi Domain

  • PositiveSSL Wildcard

  • PremiumSSL

  • PremiumSSL Wildcard

  • QuickSSL Premium

  • RapidSSL

  • RapidSSL Wildcard

  • SGC Supercert

  • SSL Web Server

  • SSL Webserver EV

  • SSL123

  • Secure Site

  • Secure Site Pro

  • Secure Site Pro with EV

  • Secure Site with EV

  • True BusinessID

  • True BusinessID Multi Domain

  • True BusinessID Wildcard

  • True BusinessID with EV

  • True BusinessID with EV Multi Domain

  • Unified Communications

promotional_code

An optional promo code to use when renewing the certificate

CLI Example:

salt 'my-minion' namecheap_ssl.renew 1 my-cert-id RapidSSL