class RubyAem::Resources::Ssl

AEM class contains API calls related to managing SSL via Granite.

Public Class Methods

new(client) click to toggle source

Initialise Ssl resource.

@param client RubyAem::Client @return new RubyAem::Resources::Ssl instance

# File lib/ruby_aem/resources/ssl.rb, line 25
def initialize(client)
  @client = client
  @call_params = {
  }
end

Public Instance Methods

disable() click to toggle source

Disable SSL

@return RubyAem::Result

# File lib/ruby_aem/resources/ssl.rb, line 34
def disable
  @client.call(self.class, __callee__.to_s, @call_params)
end
enable(opts = { keystore_password: nil, truststore_password: nil, https_hostname: nil, https_port: nil, certificate_file_path: nil, privatekey_file_path: nil }) click to toggle source

Enable SSL

@param opts hash of the following values:

  • keystore_password: Authorizable Keystore password for system-user ssl-service. keystore will be created if it doesn't exist.

  • truststore_password: AEM Global Truststore password. Truststore will be created if it doesn't exist.

  • https_hostname: Hostname for enabling HTTPS listener matching the certificate's common name.

  • https_port: Port to listen on for HTTPS requests.

  • certificate_file_path: Path to the HTTPS public certificate file.

  • privatekey_file_path: Path to the HTTPS Private Key file.

@return RubyAem::Result

# File lib/ruby_aem/resources/ssl.rb, line 48
def enable(opts = {
  keystore_password: nil,
  truststore_password: nil,
  https_hostname: nil,
  https_port: nil,
  certificate_file_path: nil,
  privatekey_file_path: nil
})
  @call_params[:keystore_password] = opts[:keystore_password]
  @call_params[:keystore_passwordConfirm] = opts[:keystore_password]
  @call_params[:truststore_password] = opts[:truststore_password]
  @call_params[:truststore_passwordConfirm] = opts[:truststore_password]
  @call_params[:https_hostname] = opts[:https_hostname]
  @call_params[:https_port] = opts[:https_port]
  @call_params[:file_path_certificate] = opts[:certificate_file_path]
  @call_params[:file_path_private_key] = opts[:privatekey_file_path]

  @client.call(self.class, __callee__.to_s, @call_params)
end
enable_wait_until_ready( opts = { force: true, _retries: { max_tries: 30, base_sleep_seconds: 2, max_sleep_seconds: 2 } } ) click to toggle source

Enable SSL via granite and wait until SSL was enabled

@param opts hash of the following values:

  • keystore_password: Authorizable Keystore password for system-user ssl-service. keystore will be created if it doesn't exist.

  • truststore_password: AEM Global Truststore password. Truststore will be created if it doesn't exist.

  • https_hostname: Hostname for enabling HTTPS listener matching the certificate's common name.

  • https_port: Port to listen on for HTTPS requests.

  • certificate_file_path: Path to the HTTPS public certificate file.

  • privatekey_file_path: Path to the HTTPS Private Key file.

  • _retries: retries library's options (www.rubydoc.info/gems/retries/0.0.5#Usage), restricted to max_tries, base_sleep_seconds, max_sleep_seconds

@return RubyAem::Result

# File lib/ruby_aem/resources/ssl.rb, line 109
def enable_wait_until_ready(
  opts = {
    force: true,
    _retries: {
      max_tries: 30,
      base_sleep_seconds: 2,
      max_sleep_seconds: 2
    }
  }
)
  opts[:_retries] ||= {}
  opts[:_retries][:max_tries] ||= 30
  opts[:_retries][:base_sleep_seconds] ||= 2
  opts[:_retries][:max_sleep_seconds] ||= 2

  # ensure integer retries setting (Puppet 3 passes numeric string)
  opts[:_retries][:max_tries] = opts[:_retries][:max_tries].to_i
  opts[:_retries][:base_sleep_seconds] = opts[:_retries][:base_sleep_seconds].to_i
  opts[:_retries][:max_sleep_seconds] = opts[:_retries][:max_sleep_seconds].to_i

  # The AEM Granite API to enable SSl is unstable and in some cases it response with response code 0.
  # This is because the HTTP service is getting restarted during the process of enabling SSL via Granite.
  # To not end with an error we have to rescue this behaviour and verify afterwards if SSL was enabled.
  begin
    result = enable(**opts)
  rescue RubyAem::Error => e
    raise StandardError.new(result) unless e.result.response.status_code.zero?

    with_retries(max_tries: opts[:_retries][:max_tries], base_sleep_seconds: opts[:_retries][:base_sleep_seconds], max_sleep_seconds: opts[:_retries][:max_sleep_seconds]) { |retries_count|
      result = is_enabled
      message = 'SSL could not be configured or connection timeout please try again.'
      puts format('SSL Enable check #%<retries_count>d: %<check_result_data>s - %<check_result_message>s', retries_count: retries_count, check_result_data: result.data, check_result_message: result.message)
      raise StandardError.new(message) if result.data == false
    }
  end
  result
end
get() click to toggle source

Get SSL Granite configuration

@return RubyAem::Result

# File lib/ruby_aem/resources/ssl.rb, line 71
def get
  @client.call(self.class, __callee__.to_s, @call_params)
end
is_enabled() click to toggle source

Check if SSL is enabled via Granite

@return RubyAem::Result

# File lib/ruby_aem/resources/ssl.rb, line 78
def is_enabled
  get_ssl = get

  response = get_ssl.response
  ssl_properties = response.body.properties
  ssl_enabled = ssl_properties.com_adobe_granite_jetty_ssl_port.is_set
  ssl_port = ssl_properties.com_adobe_granite_jetty_ssl_port.value

  message = if ssl_enabled.eql?(true)
              "HTTPS has been configured on port #{ssl_port}"
            else
              'HTTPS is not configured'
            end

  result = RubyAem::Result.new(message, response)
  result.data = ssl_enabled

  result
end