salt.modules.namecheap_ssl module

Namecheap management

New in version 2017.7.0.

General Notes

Use this module to manage ssl certificates through the namecheap api. The Namecheap settings will be set in grains.

Installation Prerequisites

  • This module uses the following python libraries to communicate to the namecheap API:

    • requests
    pip install requests
    
  • As saltstack depends on requests this shouldn't be a problem

Prerequisite Configuration

  • The namecheap username, api key and url should be set in a minion configuration file or pillar

    namecheap.name: companyname
    namecheap.key: a1b2c3d4e5f67a8b9c0d1e2f3
    namecheap.client_ip: 162.155.30.172
    #Real url
    namecheap.url: https://api.namecheap.com/xml.response
    #Sandbox url
    #namecheap.url: https://api.sandbox.namecheap.xml.response
    
salt.modules.namecheap_ssl.activate(csr_file, certificate_id, web_server_type, approver_email=None, http_dc_validation=False, **kwargs)

Activates a newly purchased SSL certificate

returns a dictionary of result values

Required Parameters:
csr
string Certificate Signing Request
certificate_id
integer Unique ID of the SSL certificate you wish to activate
web_server_type
string The type of certificate format to return
Possible values: apacheopenssl, apachessl, apacheraven,
apachessleay, c2net, ibmhttp, iplanet, domino, dominogo4625, dominogo4626, netscape, zeusv3, apache2, apacheapachessl, cobaltseries, cpanel, ensim, hsphere, ipswitch, plesk, tomcat, weblogic, website, webstar, iis, other, iis4, iis5
approver_email
string The email ID which is on the approver email list
http_dc_validation must be set to False if this parameter is used
http_dc_validation
bool An indicator that shows if certificate should be
activated using HTTP-based validation. Please specify True if you wish to use HTTP-based validation. approver_email should be set to None if this parameter is used
Other required parameters:
please see https://www.namecheap.com/support/api/methods/ssl/activate.aspx

CLI Example:

salt.modules.namecheap_ssl.create(years, certificate_type, promotion_code=None, sans_to_add=None)

Creates a new SSL certificate

returns a dictionary with the following values:
issuccess Indicates whether SSL order was successful orderid A unique integer value that represents the order transactionid A unique integer value that represents the transaction chargedamount The amount charged for the order certificateid A unique integer value that represents the SSL created The date on which the certificate is created expires The date on which the certificate expires ssltype Type of SSL cerificate years Number of years for which the certificate is purchased status The current status of SSL certificate
Required parameters:
years
integer Number of years to register
Default: 1
certificate_type
string Type of SSL Certificate,
Possible Values: QuickSSL Premium, RapidSSL, RapidSSL Wildcard,
PremiumSSL, InstantSSL, PositiveSSL, PositiveSSL Wildcard, True BusinessID with EV, True BusinessID, True BusinessID Wildcard, True BusinessID Multi Domain, True BusinessID with EV Multi Domain, Secure Site, Secure Site Pro, Secure Site with EV, Secure Site Pro with EV, EssentialSSL, EssentialSSL Wildcard, InstantSSL Pro, PremiumSSL Wildcard, EV SSL, EV SSL SGC, SSL123, SSL Web Server, SGC Supercert, SSL Webserver EV, EV Multi Domain SSL, Multi Domain SSL, PositiveSSL Multi Domain, Unified Communications
Optional parameters:
promotional_code
string Promotional (coupon) code for the certificate
sans_to_add
integer This parameter defines the number of add-on domains to be purchased in
addition to the default number of domains included with a multi-domain certificate. Each certificate that supports SANs has the default number of domains included. You may check the default number of domains included and the maximum number of domains that can be added to it in the table below. Default: 0
Provider Product name Default number of Maximum number of Maximum number

domains (domain from total domains of domains CSR is counted here) that can be

passed in SANStoADD parameter
Comodo PositiveSSL 3 100 97
Multi-Domain
Comodo Multi-Domain 3 100 97
SSL
Comodo EV Multi- 3 100 97
Domain SSL
Comodo Unified 3 100 97
Communications
GeoTrust QuickSSL 1 1 domain + The only
Premium 4 subdomains supported
value is 4
GeoTrust True 5 25 20
BusinessID with EV Multi-Domain
GeoTrust True Business 5 25 20
ID Multi- Domain
Thawte SSL Web 1 25 24
Server
Thawte SSL Web 1 25 24
Server with EV
Symantec Secure Site 1 25 24
Pro with EV
Symantec Secure Site 1 25 24
with EV
Symantec Secure Site 1 25 24
Pro
CLI Example:
salt.modules.namecheap_ssl.get_info(certificate_id, returncertificate=False, returntype=None)

Retrieves information about the requested SSL certificate

returns a dictionary of information about the SSL certificate with two keys

"ssl" contains the metadata information "certificate" contains the details for the certificate like

the CSR, Approver, and certificate data
certificate_id
integer Unique ID of the SSL certificate
returncertificate
bool True to ask for the certificate in response
returntype
string Type of returned certificate. Parameter takes "Individual (for X.509 format) or PKCS7"
Required if returncertificate is True

CLI Example:

salt.modules.namecheap_ssl.get_list(**kwargs)

Returns a list of SSL certificates for a particular user

Optional parameters:

ListType
string Possible values: All,Processing,EmailSent,
TechnicalProblem,InProgress,Completed, Deactivated,Active,Cancelled,NewPurchase, NewRenewal

Default: All

SearchTerm
string Keyword to look for on the SSL list
Page
integer Page to return
Default: 1
PageSize
integer Total number of SSL certificates to display in a page
Minimum value is 10 and maximum value is 100 Default: 20
SoryBy
string Possible values are PURCHASEDATE,PURCHASEDATE_DESC,
SSLTYPE,SSLTYPE_DESC, EXPIREDATETIME,EXPIREDATETIME_DESC, Host_Name,Host_Name_DESC

CLI Example:

salt.modules.namecheap_ssl.parse_csr(csr_file, certificate_type, http_dc_validation=False)

Parses the CSR

returns a dictionary of result values

Required parameters:

csr_file
string Certificate Signing Request File
certificate_type
string Type of SSL Certificate,
Possible Values: QuickSSL Premium, RapidSSL, RapidSSL Wildcard,
PremiumSSL, InstantSSL, PositiveSSL, PositiveSSL Wildcard, True BusinessID with EV, True BusinessID, True BusinessID Wildcard, True BusinessID Multi Domain, True BusinessID with EV Multi Domain, Secure Site, Secure Site Pro, Secure Site with EV, Secure Site Pro with EV, EssentialSSL, EssentialSSL Wildcard, InstantSSL Pro, PremiumSSL Wildcard, EV SSL, EV SSL SGC, SSL123, SSL Web Server, SGC Supercert, SSL Webserver EV, EV Multi Domain SSL, Multi Domain SSL, PositiveSSL Multi Domain, Unified Communications

Optional parameter:

http_dc_validation
bool True if a Comodo certificate and validation should be done with files
instead of emails and to return the info to do so

CLI Example:

salt.modules.namecheap_ssl.reissue(csr_file, certificate_id, web_server_type, approver_email=None, http_dc_validation=False, **kwargs)

Reissues a purchased SSL certificate

returns a dictionary of result values

Required Parameters:
csr
string Certificate Signing Request
certificate_id
integer Unique ID of the SSL certificate you wish to activate
web_server_type
string The type of certificate format to return
Possible values: apacheopenssl, apachessl, apacheraven,
apachessleay, c2net, ibmhttp, iplanet, domino, dominogo4625, dominogo4626, netscape, zeusv3, apache2, apacheapachessl, cobaltseries, cpanel, ensim, hsphere, ipswitch, plesk, tomcat, weblogic, website, webstar, iis, other, iis4, iis5
approver_email
string The email ID which is on the approver email list
http_dc_validation must be set to False if this parameter is used
http_dc_validation
bool An indicator that shows if certificate should be
activated using HTTP-based validation. Please specify True if you wish to use HTTP-based validation. approver_email should be set to None if this parameter is used
Other required parameters:
please see https://www.namecheap.com/support/api/methods/ssl/reissue.aspx

CLI Example:

salt.modules.namecheap_ssl.renew(years, certificate_id, certificate_type, promotion_code=None)

Renews an SSL certificate if it is ACTIVE and Expires <= 30 days

returns a dictionary with the following values:
orderid A unique integer value that represents the order transactionid A unique integer value that represents the transaction chargedamount The amount charged for the order certificateid A unique integer value that represents the SSL
Required parameters:
years
integer Number of years to register
Default: 1
certificate_id
integer Unique identifier for the existing certificate to renew
certificate_type
string Type of SSL Certificate,
Possible Values: QuickSSL Premium, RapidSSL, RapidSSL Wildcard,
PremiumSSL, InstantSSL, PositiveSSL, PositiveSSL Wildcard, True BusinessID with EV, True BusinessID, True BusinessID Wildcard, True BusinessID Multi Domain, True BusinessID with EV Multi Domain, Secure Site, Secure Site Pro, Secure Site with EV, Secure Site Pro with EV, EssentialSSL, EssentialSSL Wildcard, InstantSSL Pro, PremiumSSL Wildcard, EV SSL, EV SSL SGC, SSL123, SSL Web Server, SGC Supercert, SSL Webserver EV, EV Multi Domain SSL, Multi Domain SSL, PositiveSSL Multi Domain, Unified Communications
Optional parameters:
promotional_code
string Promotional (coupon) code for the certificate

CLI Example: