{"id":19711705,"url":"https://github.com/brightcommerce/globessl","last_synced_at":"2025-04-29T18:30:47.295Z","repository":{"id":56874636,"uuid":"44177050","full_name":"brightcommerce/globessl","owner":"brightcommerce","description":"A Ruby API client for GlobeSSL CA resellers.","archived":false,"fork":false,"pushed_at":"2015-11-17T01:55:39.000Z","size":21,"stargazers_count":6,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-05T18:52:03.007Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/brightcommerce.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-10-13T13:11:06.000Z","updated_at":"2019-02-26T21:56:40.000Z","dependencies_parsed_at":"2022-08-20T22:30:34.509Z","dependency_job_id":null,"html_url":"https://github.com/brightcommerce/globessl","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brightcommerce%2Fglobessl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brightcommerce%2Fglobessl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brightcommerce%2Fglobessl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/brightcommerce%2Fglobessl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/brightcommerce","download_url":"https://codeload.github.com/brightcommerce/globessl/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251559736,"owners_count":21609065,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-11T22:13:26.964Z","updated_at":"2025-04-29T18:30:47.009Z","avatar_url":"https://github.com/brightcommerce.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Gem Version](https://badge.fury.io/rb/globessl.svg)](https://badge.fury.io/rb/globessl)\n\n# GlobeSSL Client\nThe **GlobeSSL Client** is a Ruby API client for GlobeSSL CA resellers. This client provides almost all of the functionality exposed by version 2 of their API. To use this client you will need an API key.\n\n## Background\nThe **GlobeSSL Client** is an opinionated client library for the GlobeSSL CA API. I built this library to provide fully automated provisioning of SSL Certificates for our client's apps and websites using the Brightcommerce API.\n\nThe **GlobeSSL Client** provides endpoint access to the API methods that fulfill our requirements. It is very important to us that integration with GlobeSSL CA is seamless and provides as few touch-points as possible with the end-user. For instance, for the domain validation method we use the 'http' method which permits us to prove ownership of a domain by providing a specific text file at a specific URL. This means the end-user doesn't have to click a link in an email and punch in a code to validate ownership of a domain. We also use their autocsr method to generate the Certificate Signing Request and Private Key, rather than shell out and use OpenSSL.\n\nThe **GlobeSSL Client** has undergone extensive real-world testing with real certificates. I worked closely with the CTO from GlobeSSL CA to address any issues or suggestions we had with their API. The assistance we received was truly excellent, and I'm happy to provide this library to the public domain, which we hope will only mean more resellers for them.\n\n## About GlobeSSL CA\nTo find out more about GlobeSSL CA please visit their [website](https://www.globessl.com). You can find out more about the API by reading their [documentation](https://api.globessl.com/docs/). To use their API you need to have a reseller account, you can find out more about their reseller plans at the [strategic partners](https://www.globessl.com/strategic-partners/) page on their website.\n\n## Installation\nTo install add the line to your `Gemfile`:\n```\ngem 'globessl'\n```\nAnd call `bundle install`.\n\nAlternatively, you can install it from the terminal:\n```\ngem install globessl\n```\n\n## Dependencies\nThe **GlobeSSL Client** has the following runtime dependencies:\n- Virtus ~\u003e 1.0.3\n\n## Compatibility\nDeveloped with MRI 2.2, however the `.gemspec` only specifies MRI 2.0. It may work with other flavors, but it hasn't been tested. Please let us know if you encounter any issues.\n\n## How To Use\n\n### Prerequisites\nThe **GlobeSSL Client** requires an API key. By default the library will look for your API key in the environment variable `GLOBESSL_API_KEY`. If you'd like to override this and provide the API key directly to the API, setup a configuration initializer as shown below:\n```ruby\nGlobeSSL.configure do |config|\n config.api_key = \"b04b4e74c57c37de48863ef9373963e0b496f5e7\" # fictional\nend\n```\n\nYou can access any configuration settings directly on the GlobeSSL namespace:\n```ruby\napi_key = GlobeSSL.api_key #=\u003e b04b4e74c57c37de48863ef9373963e0b496f5e7\napi_url = GlobeSSL.api_url #=\u003e https://api.globessl.com/v2\n```\n\n### API Calls\nThe **GlobeSSL Client** provides access to the following GlobeSSL CA API endpoints:\n- [account/balance](https://api.globessl.com/docs/#api-account-balance) Retrieves your reseller account balance.\n- [account/details](https://api.globessl.com/docs/#api-account-details) Retrieves your reseller account details.\n- [products/list](https://api.globessl.com/docs/#api-products-list) Returns a detailed list of all available SSL Certificate products.\n- [products/details](https://api.globessl.com/docs/#api-products-details) Returns single product's details.\n- [tools/webservers](https://api.globessl.com/docs/#api-tools-webservers) Returns an array with available web server types.\n- [tools/domainemails](https://api.globessl.com/docs/#api-tools-getdomainemails) Returns an array with available domain validation email addresses.\n- [tools/autocsr](https://api.globessl.com/docs/#api-tools-autocsr) Returns a private key and certificate signing request.\n- [tools/decodecsr](https://api.globessl.com/docs/#api-tools-decodescr) Validates submitted CSR code. Returns parsed data in array.\n- [order/ssl](https://api.globessl.com/docs/#api-order-ssl) Order a new SSL Certificate.\n- [certificates/get](https://api.globessl.com/docs/#api-certificates-get) Retrieve a single SSL Certificate.\n- [certificates/reissue](https://api.globessl.com/docs/#api-certificates-reissue) Reissue a single certificate.\n- [dcv/change](https://api.globessl.com/docs/#api-dcv-change) Change DCV Method for SSL Certificate.\n- [dcv/resend](https://api.globessl.com/docs/#api-dcv-resend) Re-sends validation email for the SSL Certificate.\n\nThe **GlobeSSL Client** *does not* provide access the following GlobeSSL CA API endpoint:\n- [order/quick](https://api.globessl.com/docs/#api-order-quickssl) Order a new SSL Certificate using invite method. The client will receive the URL for completing the SSL generation.\n\n### API Endpoints\nI've attempted to make the **GlobeSSL Client** interface as consistent as possible. The GlobeSSL CA API has the following rules:\n- `GET` requests require any parameters in the URL.\n- `POST` requests require any parameters as `x-www-form-urlencoded` and passed in the request body.\n- The resellers API key is passed in the `X-API-KEY` header.\n- All responses including errors are returned in the `body` and are encoded as `JSON`.\n\nThe **GlobeSSL Client** breaks the API into consistent logical domain models. The models are backed by Virtus Model and most provide a `#fetch` method. Where a model performs a specific action the method will be named, and the parameters for the model must be provided as attributes on the class. Every call performs some validation before executing the API call. If the validation fails, the call will return `false` and any exceptions are made available in the `#errors` collection attribute.\n\nFollowing are examples of how to instantiate each class with attributes where necessary, and the properties that can be queried on the class after each API call. All example information including names, addresses and other details are completely fictional and provided to give context.\n\n#### Account Balance\nReturns the current account balance and currency.\n\n```ruby\n@account = GlobeSSL::AccountBalance.new\n\nresult = @account.fetch #=\u003e true\n\n# If the fetch method fails it will return false\n# and populate the errors collection attribute:\nif result == false\n @account.errors.each do |err|\n puts err\n end\nend\n\n# AccountBalance properties\n@account.balance #=\u003e 1234.56\n@account.currency #=\u003e 'USD'\n```\n\n#### Account Details\nReturns the account details such as reseller name, company, address and contact details. It also returns the current balance.\n\n```ruby\n@account = GlobeSSL::AccountDetails.new\n\nresult = @account.fetch #=\u003e true\n\n# If the fetch method fails it will return false\n# and populate the errors collection attribute:\nif result == false\n @account.errors.each do |err|\n puts err\n end\nend\n\n# AccountDetails properties\n@account.account_id #=\u003e 9999\n@account.balance #=\u003e 1234.56\n@account.total_balance #=\u003e 1234.56\n@account.account_type #=\u003e 29\n@account.email #=\u003e support@acmecerts.com\n@account.name #=\u003e Richard Reseller\n@account.company #=\u003e Acme SSL Certs\n@account.address #=\u003e 123 Fourth Street\n@account.city #=\u003e Fivetown\n@account.state # South Sixly\n@account.country # US\n@account.postal_code #=\u003e 12345-6789\n```\n\n#### Products\nReturns a list of SSL products presented as an array of GlobeSSL::Product. You can retrieve a single SSL product given a product id.\n\n```ruby\n@products = GlobeSSL::Products.new\n\nresult = @products.fetch #=\u003e true\n\n# If the fetch method fails it will return false\n# and populate the errors collection attribute:\nif result == false\n @products.errors.each do |err|\n puts err\n end\nend\n\n@products.list #=\u003e an enumerable array of GlobeSSL::Product\n@products.list.size #=\u003e 39\n\n# Enumerate each\n@products.list.each do |prod|\n puts prod.name\nend\n\n# Product properties\nprod = @products.list.first\nprod.is_a?(GlobeSSL::Product) #=\u003e true\nprod.id #=\u003e 106\nprod.name #=\u003e Globe FREE SSL\nprod.validation #=\u003e dv\nprod.wildcard #=\u003e false\nprod.multi_domain #=\u003e false\nprod.min_domains #=\u003e 0\nprod.max_domains #=\u003e 0\nprod.brand #=\u003e Globe SSL\n\n# You can also request a single product like so:\n@product = GlobeSSL::Product.new(:id =\u003e 106)\nresult = @product.fetch #=\u003e true\n@product.is_a?(GlobeSSL::Product) #=\u003e true\n\n# If the fetch method fails it will return false\n# and populate the errors collection attribute:\nif result == false\n @product.errors.each do |err|\n puts err\n end\nend\n```\n\n#### Webservers\nReturns a list of webserver types to be used when ordering an SSL product.\n\n```ruby\n@webservers = GlobeSSL::Webservers.new\n\nresult = @webservers.fetch #=\u003e true\n\n# If the fetch method fails it will return false\n# and populate the errors collection attribute:\nif result == false\n @webservers.errors.each do |err|\n puts err\n end\nend\n\n@webservers.list #=\u003e an enumerable array of GlobeSSL::Webserver\n@webservers.list.size #=\u003e 37\n\n# Enumerate each\n@webservers.list.each do |ws|\n puts \"#{ws.id.to_s}: #{ws.name}\"\nend\n\n# Webserver properties\nwebserver = @webservers.list.first\nwebserver.is_a?(GlobeSSL::Webserver) #=\u003e true\nwebserver.id #=\u003e 1\nwebserver.name #=\u003e AOL\n```\n\n#### Domain Emails\nReturns a list of emails required when validating ownership of a domain using the `dv` method.\n\n```ruby\n@domain_emails = GlobeSSL::DomainEmails.new(:domain =\u003e \"acmecerts.com\")\n\nresult = @domain_emails.fetch #=\u003e true\n\n# If the fetch method fails it will return false\n# and populate the errors collection attribute:\nif result == false\n @domain_emails.errors.each do |err|\n puts err\n end\nend\n\n@domain_emails.list #=\u003e an array of email addresses\n@domain_emails.list.size #=\u003e 5\n\n# Enumerate each\n@domain_emails.list.each do |email|\n puts email\nend\n\n# DomainEmail properties\nemail = @domain_emails.list.first #=\u003e admin@acmecerts.com\nemail.is_a?(String) #=\u003e true\n```\n\n#### Certificate Signing Request (CSR)\nUsed to generate a CSR and Private Key pair. This class uses the GlobeSSL CA API `autocsr` endpoint.\n\n```ruby\n@csr = GlobeSSL::CertificateSigningRequest.new(\n :country_name =\u003e \"US\",\n :state_or_province_name =\u003e \"South Sixly\",\n :locality_name =\u003e \"Fivetown\",\n :organization_name =\u003e \"Acme SSL Certs\",\n :organizational_unit_name =\u003e \"acmecerts.com\",\n :common_name =\u003e \"www.acmecerts.com\",\n :email_address =\u003e \"support@acmecerts.com\"\n )\n\nresult = @csr.fetch #=\u003e true\n\n# If the fetch method fails it will return false\n# and populate the errors collection attribute:\nif result == false\n @csr.errors.each do |err|\n puts err\n end\nend\n\n# CSR properties\n@csr.private_key #=\u003e -----BEGIN PRIVATE KEY-----\\nMIIEv...\n@csr.csr_code #=\u003e -----BEGIN CERTIFICATE REQUEST-----\\nMIIC/j...\n@csr.fingerprint_sha1 #=\u003e 42153B1CE...\n@csr.fingerprint_md5 #=\u003e AA24D856...\n\n# Decoding the CSR\nresult = @csr.decode #=\u003e true\n@csr.decoded_csr #=\u003e {\"CN\":\"www.acmecerts.com\",\"OU\":\"acmecerts.com\"...\n```\n\n#### Order SSL Certificate\nPlace an order for an SSL product.\n\n```ruby\n@order = GlobeSSL::OrderSSLCertificate.new(\n :admin_firstname =\u003e \"Richard\",\n :admin_lastname =\u003e \"Reseller\",\n :admin_email =\u003e \"admin@acmecerts.com\",\n :admin_phone =\u003e \"9995557856\",\n :admin_org =\u003e \"Acme SSL Certs\", # optional\n :admin_jobtitle =\u003e \"Administrator\", # optional\n :admin_address =\u003e \"123 Fourth Street\", # optional\n :admin_city =\u003e \"Fivetown\", # optional\n :admin_country =\u003e \"US\", # optional\n :optional_admin_params =\u003e true,\n :cert_signing_request =\u003e @csr, # CertificateSigningRequest object\n :dcv_method =\u003e \"email\",\n :period =\u003e 0,\n :product =\u003e @product, # Product object\n :webserver_type =\u003e 36, # nginx\n :approver_email =\u003e \"admin@acmecerts.com\"\n)\n\nresult = @order.purchase! #=\u003e true\n\n# If the purchase! method fails it will return false\n# and populate the errors collection attribute:\nif result == false\n @order.errors.each do |err|\n puts err\n end\nend\n\n# Order properties\n@order.order_id #=\u003e 99999\n@order.certificate_id #=\u003e 303030\n@order.amount #=\u003e 0\n@order.currency #=\u003e USD\n```\n\n#### SSL Certificate\nReturns an SSL certificate given a certificate id.\n\n```ruby\n@cert = GlobeSSL::SSLCertificate.new(\n :id =\u003e @order.certificate_id # from above\n)\n\nresult = @cert.fetch #=\u003e true\n\n# If the fetch method fails it will return false\n# and populate the errors collection attribute:\nif result == false\n @cert.errors.each do |err|\n puts err\n end\nend\n\n# Certificate properties\n@cert.order_id #=\u003e 99999\n@cert.partner_order_id #=\u003e 865231756\n@cert.status #=\u003e Active\n@cert.status_description #=\u003e Active\n@cert.dcv_method #=\u003e email\n@cert.dcv_email #=\u003e admin@acmecerts.com\n@cert.product #=\u003e GlobeSSL::Product\n@cert.domain #=\u003e www.acmecerts.com\n@cert.domains #=\u003e array of domains if multi-domain product\n@cert.total_domains #=\u003e 1\n@cert.period #=\u003e 1 (year)\n@cert.valid_from #=\u003e 2015-10-06\n@cert.valid_till #=\u003e 2015-11-06\n@cert.csr_code #=\u003e -----BEGIN CERTIFICATE REQUEST-----\\nMIIC/j...\n@cert.crt_code #=\u003e -----BEGIN CERTIFICATE-----\\nMIIFdT...\n@cert.ca_code #=\u003e -----BEGIN CERTIFICATE-----\\nMIIGBzCC...\n```\n\n#### Domain Control Validation\nProvides methods to resend a domain control validation email, or change the `dcv_method`.\n\n```ruby\n@dcv = GlobeSSL::DomainControlValidation.new(\n :certificate =\u003e cert, # from above\n :dcv_method =\u003e 'email'\n)\n\n# Resend the domain control validation email:\nresult = @dcv.resend! #=\u003e true\n\n# Change the domain control validation method:\n@dcv.method = 'http' # see GlobeSSL::DomainControlValidation::METHODS\n@dcv.approver_email = \"administrator@acmecerts.com\"\nresult = @dcv.change! #=\u003e true\n\n# If the resend! or change! method fails it will return false\n# and populate the errors collection attribute:\nif result == false\n @dcv.errors.each do |err|\n puts err\n end\nend\n```\n\n#### Country Codes\nThe **GlobeSSL Client** provides a constant hash of country codes. This list is derived from https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2. The hash keys are ISO_3166-1_alpha-2 codes and the values are the country display name. The top 20 countries by number of Internet users are grouped first, see https://en.wikipedia.org/wiki/List_of_countries_by_number_of_Internet_users.\n\nExample: access a country name by code:\n```ruby\nGlobeSSL::COUNTRY_CODES['US'] #=\u003e United States\n```\nAll the regular hash functions are available for find keys and values, but the hash is immutable. If you want to manipulate the list, for example to sort it differently; you will have to copy it into a new hash variable first.\n\n## Testing\nGlobeSSL CA do not provide a test environment for their API. This is understandable since SSL Certificates are issued by Certificate Authorities. Everything about the API is about generating an SSL Certificate, so it stands to reason that a test environment would be quite difficult to create and support.\n\nHowever, they do provide a way for resellers to use the API in a test capacity by allowing you to generate a `**FREE**` certificate. The certificate generated is a real working certificate, but it has a 3 month expiry date. The `product_id` for this certificate is `106`.\n\nYou will need to check if the product is returned by the `GlobeSSL::Products` class. If the product isn't in the list then contact GlobeSSL CA to request the product be enabled. I have been informed that the product is purely for test scenarios and abuse is monitored. Abusive behavior will result in the product being removed from your account.\n\n## To Do\n- Document extended validation (`ev`) and organizational validation (`ov`) certificate type info supported in `GlobeSSL::OrderSSLCertificate`.\n- Document `dns_names` and `approver_emails` for multi-domain certificate types supported in `GlobeSSL::OrderSSLCertificate`.\n- Add `http` and `https` domain control validation method (`dcv_method`) documentation.\n- Test suite with mocks for CI/CD scenarios.\n\n## Acknowledgements\n#### Versions \u003c= 1.0.4\n- Jurgen Jocubeit - President \u0026 CEO, [Brightcommerce, Inc.](https://twitter.com/brightcommerce)\n- Zoltan Egresi - CTO, [GlobeSSL CA](https://globessl.com) (API guidance and live testing assistance)\n\n## License\nThe **GlobeSSL Client** is released to the public domain under the [MIT License](http://opensource.org/licenses/MIT).\n\n## Copyright\nCopyright 2015 Brightcommerce, Inc.\nAll rights reserved.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrightcommerce%2Fglobessl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbrightcommerce%2Fglobessl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbrightcommerce%2Fglobessl/lists"}