slawek/azure-acme-provisioner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add download command to retrieve PEM bundle from Key Vault

Browse Source
This commit is contained in:
Sławek Koszewski
2026-05-21 23:47:49 +02:00
parent a92bdabac3
commit 72e47e2a9d
3 changed files with 40 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+14 -1
View File
@@ -43,7 +43,8 @@ Commands:
run Scan DNS zones and issue or renew certificates (default)
scan List all domains tagged for ACME management
status Show certificate expiry status for all managed domains
renew Force-renew a certificate for a specific domain
renew Force-renew a certificate for a specific domain
download Download the PEM bundle for a domain from Key Vault
Common options:
--keyvault-url <url> Azure KeyVault URL
@@ -77,6 +78,18 @@ azure-acme-provisioner run --http 8080
> **Note:** Binding port 80 requires root privileges or `CAP_NET_BIND_SERVICE`. When running in Docker, map the host port to the container: `-p 80:8080` and pass `--http 8080`.
### Downloading certificates
The `download` command fetches the PEM bundle (private key + certificate + chain) from Key Vault and writes it to stdout or a file:
```sh
# Print to stdout
azure-acme-provisioner download api.example.com
# Write to a file
azure-acme-provisioner download api.example.com --output api.example.com.pem
```
## Configuration
All configuration is via environment variables. CLI flags override env vars when both are provided.