Request, Approve and Download Digicert TLS Cert

digicert.sh

#!/bin/bash
 
#Required
apikey=*YourAPIKey*
domain=*YourOrgDomain*
commonname=$(hostname --fqdn)
orgid=*YourOrgID*
#OV or EV or Private
cert_type=ov 

#Change to your company details
country=*YourCountry*
state=*YourState*
locality=*YourCity*
organization=*YourOrg*
organizationalunit=*YourOU*
email=*YourEmail*
 
#Clear The Screen to make it pretty. 
printf "\033c"

#Optional
password=certkeypassword
 
#Generate a key
printf "Creating Key.\033[0K\r"
openssl genrsa -des3 -passout pass:$password -out $commonname.key 2048 -noout > /dev/null 2>&1

#Remove passphrase from the key. Uncomment the line to remove the passphrase
printf "Removing passphrase from key.\033[0K\r"
openssl rsa -in $commonname.key -passin pass:$password -out $commonname.key > /dev/null 2>&1

#Create the request
printf "Creating CSR.\033[0K\r"
openssl req -new -key $commonname.key -out $commonname.csr -passin pass:$password \
   -subj "/C=$country/ST=$state/L=$locality/O=$organization/OU=$organizationalunit/CN=$commonname/emailAddress=$email" > /dev/null 2>&1

#Fix CSR
csr=$(tr -d ' \t\n\r\f' <$commonname.csr )

#Setup Cert Request 
request_cert=$(< <(cat <<EOF
{
  "certificate": {
    "common_name": "$commonname",
    "csr": "$csr",
    "organization_units": [
      "Data Center"
    ],
    "server_platform": {
      "id": 45
    },
    "signature_hash": "sha512"
  },
  "organization": {
    "id": $orgid
  },
  "product": {
    "type_hint": "$cert_type"
  },
  "validity_years": 3,
   "disable_issuance_email": "true",
  "disable_renewal_notifications": "true"
} 
EOF
))

#Setup Cert Approval 
request_issue=$(< <(cat <<EOF
{
  "status": "approved"
}
EOF
))

printf "Requesting DigiCert Cert.\033[0K\r"
echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Content-Type: application/json"' --data "'${request_cert}'" https://www.digicert.com/services/v2/order/certificate/ssl > order.txt
bash order.txt > ordered.txt
sleep 10

printf  "Approving Digicert Cert.\033[0K\r"
ordernumber=$(cat ordered.txt | tr ':' ',' | awk -F',' '$4 ~ /id/ {print $5}')
echo curl -s -X PUT -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Content-Type: application/json"' --data "'${request_issue}'"  "https://www.digicert.com/services/v2/request/${ordernumber}/status" > approve.txt 
bash approve.txt 
sleep 10

printf  "Getting Cert Number.\033[0K\r"
otherordernumber=$(cat ordered.txt | tr ':' ',' | awk -F',' '$4 ~ /id/ {print $2}')
echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Content-Type: application/json"'  "https://www.digicert.com/services/v2/order/certificate/${otherordernumber}" > cert.txt
bash cert.txt > certs.txt
#printf  "Sleeping For 60 Seconds To Allow Cert to Be Issued. \n"
secs=60
while [ $secs -gt 0 ]; do
   echo -ne "Sleeping for $secs Seconds To Allow Cert to Be Issued.\033[0K\r"
   sleep 1
   : $((secs--))
done
printf  "Downloading Certs.\033[0K\r"
certnumber=$(cat certs.txt | tr ':' ',' | awk -F',' '$4 ~ /id/ {print $5}')

#Uncomment for a P7B bundle of all the certs in a .p7b file
echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Accept: */*"' "https://www.digicert.com/services/v2/certificate/${certnumber}/download/format/p7b" --output $commonname.p7b > p7b.txt
bash p7b.txt

#Uncomment for Individual .crts (zipped)
echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Accept: */*"' "https://www.digicert.com/services/v2/certificate/${certnumber}/download/format/default" --output  $commonname.zip > zip.txt
bash zip.txt

#Uncomment for a single .pem file containing all the certs
echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Accept: */*"' "https://www.digicert.com/services/v2/certificate/${certnumber}/download/format/pem_all" --output  $commonname.pem > pem.txt
bash pem.txt

#Uncomment for a single .pem file containing all the certs except for the root
echo curl -s -H '"X-DC-DEVKEY: '${apikey}'"' -H '"Accept: */*"' "https://www.digicert.com/services/v2/certificate/${certnumber}/download/format/pem_noroot" --output  $commonname.noroot.pem > pem_noroot.txt
bash pem_noroot.txt

mkdir -p commands 
mv *.txt \commands  
printf  "Done.\033[0K\r"