Ferocrypt

A Ruby script that automates the generation and deployment of Let's Encrypt SSL certificates to Ferozo hosting accounts via DonWeb's reseller API.

Features

• Automatic certificate generation using Let's Encrypt ACME protocol
• Support for wildcard certificates (DNS-01 challenge)
• Interactive account selection
• Batch processing of multiple accounts
• Automatic handling of DNS records for validation
• Session management and error handling

Prerequisites

• Ruby 3.1+ (tested with 3.4)
• Bundler
• A DonWeb reseller account with Ferozo hosting accounts

Setup

1. Install dependencies

bundle install

2. Configure authentication

Create a .env file in the project root:

cp .env.example .env

Then edit .env and add your DonWeb session:

1. Log in to donweb.com in your browser
2. Open Developer Tools (F12) → Application/Storage → Cookies
3. Copy the value of the sitio cookie
4. Add it to .env:

   PHPSESSID=your_session_id_here
   

3. Set up ACME account

Generate a private key for your ACME account:

openssl genrsa 4096 > private.pem

Usage

Run the script with your contact email:

ruby lib/ferocrypt.rb your@email.com

The script will:

1. Fetch all your Ferozo hosting accounts
2. Display them with their domains
3. Prompt you to select which accounts to process

Example session

Initializing...
Fetching accounts...

Available accounts:
  1. tunin.com.ar
  2. wprocesos.com.ar
  3. granjacastelli.com.ar
  4. [Error: CSRF token retrieval failed] [UNAVAILABLE]

Select accounts to process (e.g., 1,3,5 or 'all'): 1,2

Selection options

• Specific accounts: 1,3,5 - Process only accounts 1, 3, and 5
• All accounts: all - Process all available accounts
• Single account: 2 - Process only account 2

How it works

1. Authenticates with DonWeb using the PHPSESSID from .env
2. Retrieves all hosting accounts under your reseller account
3. For each selected account:
   • Fetches all domains (excluding *.ferozo.com)
   • Creates Let's Encrypt order for wildcard + apex domains
   • Adds DNS TXT records for ACME validation
   • Waits for validation to complete
   • Generates certificate and private key
   • Installs certificate via Ferozo API
   • Cleans up DNS records

Troubleshooting

"No server URL found for account"

Some hosting accounts may not have API access enabled. These will be skipped automatically.

"[UNAVAILABLE]" accounts

Accounts marked as unavailable couldn't retrieve their domain list. This usually means:

• The Ferozo session expired (try re-running the script)
• The account has API access issues
• Network connectivity problems

These accounts are automatically filtered out when you make a selection.

"Authentication error"

Your DonWeb PHPSESSID has expired. Update the .env file with a fresh cookie value:

1. Log in to donweb.com again
2. Copy the new sitio cookie value
3. Update .env with the new PHPSESSID

Files

• .env - DonWeb session ID (gitignored)
• private.pem - ACME account key (gitignored, auto-generated)
• status.txt - Tracks processed accounts to avoid duplicates (gitignored)

TODO

• Tests
• Automatic PHPSESSID refresh
• Support for custom certificate expiry checks

Disclaimer

For educational purposes only