Code examples
These Sectigo Client SDK examples can help you write your own Go or Python applications that interact with SCM to enroll and manage SSL/TLS certificates.
Example in Go
-
Import the SDK package.
package main import ( "fmt" sdk "github.com/sectigo-eng/sectigo-sdk" ) -
Specify the SCM credentials.
// ACME credentials := sdk.acme.Config.FromFile("<path/credentials.yaml>") // Enrollment API credentials := sdk.enrollment.Config.FromFile("<path/credentials.yaml>") // Admin API credentials := sdk.admin.Config.FromFile("<path/credentials.yaml>")// ACME credentials := sdk.acme.Config.Credentials{"acme_endpoint" : "<your_acme_endoint>", "eab_key" : "<your_key_id", "eab_hmac_key" : "<your_hmac_key", "certbot_path" : "your_csr_dir"} // Enrollment API credentials := sdk.enrollment.Config.Credentials{"client_id" : "<your_client_id>", "client_secret" : "<your_client_secret", "scm_url" : "<your_scm_url"} // Admin API credentials := sdk.admin.Config.Credentials{"scm_url" : "<your_scm_url>", "scm_user" : "<your_scm_user>", "scm_password" : "<your_scm_password>", "scm_uri" : "<your_scm_uri>", "scm_org_id" : "<your_org_id>", "scm_ssl_cert_type" : "<your_cert_id>"} -
Specify a certificate profile.
certProfile := sdk.lifecycle.CertProfile.FromFile("<path/cert_profile.yaml>")certProfile := sdk.lifecycle.CertProfile{"scm_credentials_label": "<your_creds_label>", "ssl_cert_type": "<your_ssl_cert_type>", "ssl_cert_comments": "<your_comments>", "<other_param>": "<your_other_value>"} -
Initialize a Sectigo client.
sectigoClient := sdk.lifecycle.NewClient(credentials) -
Enroll a certificate.
response, err := sectigoClient.Enroll(certProfile) if err != nil { fmt.Println(err) }response, err := sdk.api.acme.EnrollCertificate(sdk.api.acme.SSLEnrollRequestBody{}, credentials) if err != nil { fmt.Println(err) }response, err := sdk.api.enrollment.EnrollCertificate(sdk.api.enrollment.SSLEnrollRequestBody{}, credentials) if err != nil { fmt.Println(err) }response, err := sdk.admin.Enroll(certProfile, credentials) if err != nil { fmt.Println(err) } -
Retrieve the certificate.
response, err := sectigoClient.Collect("<cert_id>", credentials) if err != nil { fmt.Println(err) } fmt.Println(response)// ACME response, err := sdk.api.acme.GetCertificateDetails("<cert_id>", credentials) // Enrollment API response, err := sdk.api.enrollment.GetCertificateDetails("<cert_id>", credentials) // Admin API response, err := sdk.api.admin.GetCertificateDetails("<cert_id>", credentials) if err != nil { fmt.Println(err) } fmt.Println(response)
Complete sample
package main
import (
"fmt"
sdk "github.com/sectigo-eng/sectigo-sdk/pkg"
)
credentials := sdk.acme.Config.FromFile("<path/credentials.yaml>")
sectigoClient := sdk.lifecycle.NewClient(credentials)
certProfile := sdk.lifecycle.CertProfile.FromFile("<path/cert_profile.yaml>")
response, err := sectigoClient.Enroll(certProfile)
if err != nil {
fmt.Println(err)
}
response, err := sectigoClient.Collect("<cert_id>", credentials)
if err != nil {
fmt.Println(err)
}
fmt.Println(response)Example in Python
-
Import the SDK package.
from SectigoSDK.scm_provider import SCMProvider from SectigoSDK.certificate_profile import CertificateProfile import SectigoSDK.utils as utils -
Configure logging.
if __name__ == '__main__': log_config = { 'log_file_name': 'sectigo_pycert.log', 'log_level': 'info', 'log_folder_path': '<path/log_dir>', 'log_size_mb': 1, 'log_file_count': 10, } logger = Logger(log_config) -
Specify a certificate profile.
cert_profile = CertificateProfile.from_file("<path/cert_profile.yaml>")cert_profile_dict = {'scm_credentials_label': 'scm_credentials_label', 'ssl_cert_custom_fields': {'Servers Public IP (or IP Subnet)': '192.168.0.1', 'Dept': 'Ecommerce'}, 'ssl_cert_type': 'DV', 'ssl_cert_comments': 'Test certificate', 'ssl_cert_subject_alt_names': 'san1.ccmqa.com,san3.ccmqa.com', 'ssl_cert_validity': '365', 'csr_domain': 'demo.ccmqa.com', 'csr_country': 'CA', 'csr_state': 'Ontario', 'csr_location': 'Ottawa', 'csr_organization': 'csr_organization', 'csr_email_address': '[email protected]', 'csr_key_type': 'RSA', 'csr_key_size': 2048, 'force_renewal': False, 'expiry_window': 365, 'auto_renew': True, 'profile_name': 'cert_profile_1'} cert_profile = CertificateProfile(cert_profile_dict) -
Initialize a Sectigo client.
scm_object = SCMProvider.from_file("<path/scm.yaml>",cert_profile.scm_credentials_label)scm_dict = { "client_id": "b8923830-11f5-4c34-951b-fc1235634972", "client_secret": "Ti]hXzuxj.!T,zg!S0rZ0StbwyDlhCP4", "scm_url": "scm_url", } scm = SCMProvider(scm_dict, cert_profile.scm_credentials_label) -
Generate a private key and CSR.
key = utils.create_key(cert_profile.csr_key_type,cert_profile.csr_key_size,"<path/test_key.pem>") csr = utils.create_csr(key,cert_profile.csr_email_address,cert_profile.csr_domain,scm.csr_path) -
Enroll a certificate.
ssl_id = scm.enroll(csr,cert_profile) -
Collect a certificate.
if ssl_id: response = scm.collect(ssl_id) print(response) -
Renew, replace, or revoke a certificate.
Complete sample
from SectigoSDK.scm_provider import SCMProvider
from SectigoSDK.certificate_profile import CertificateProfile
import SectigoSDK.utils as utils
if __name__ == '__main__':
log_config = {
'log_file_name' : 'sectigo_pycert.log',
'log_level' : 'info',
'log_folder_path' : '<path/log_dir>',
'log_size_mb' : 1,
'log_file_count' : 10
}
logger = Logger(log_config)
cert_profile = CertificateProfile.from_file("<path/cert_profile.yaml>")
scm_object = SCMProvider.from_file("<path/credentials.yaml>",cert_profile.scm_credentials_label)
key = utils.create_key(cert_profile.csr_key_type,cert_profile.csr_key_size,"<path/test_key.pem>")
csr = utils.create_csr(key,cert_profile.csr_email_address,cert_profile.csr_domain,scm.csr_path)
ssl_id = scm.enroll(csr,cert_profile)
if ssl_id:
response = scm.collect(ssl_id)
print(response)