acme.sh
Deploy hook for Sophos XG
This deploy hook allows a certificate to be pushed to a Sophos XG appliance.
The certificate is not assigned to any use/services. This must be done by the admin.
The initial deployment will be an "add" but subsequent renewals will "update" the existing certificate.
It is expected the first deployment will fail on the "update" step ("update" is tried first as renewing a certificate will happen every two months, but issuing a new certificate will only happen rarely, maybe only once), but then it will attempt the "add" step to add the new certificate.
Basic Usage
env DEPLOY_SOPHOSXG_HOST="IPADDRESS:4444" \
DEPLOY_SOPHOSXG_USER="admin" \
DEPLOY_SOPHOSXG_PASSWORD="adminpassword" \
acme.sh -d <domain> --deploy --deploy-hook sophosxg
Full options/env vars
- DEPLOY_SOPHOSXG_HOST: REQUIRED - Appliance admin UI "host:port"
- DEPLOY_SOPHOSXG_USER: REQUIRED - Admin user
- DEPLOY_SOPHOSXG_PASSWORD: REQUIRED - Admin password
- DEPLOY_SOPHOSXG_NAME: OPTIONAL - Defaults to "" - Friendly name for certificate
- DEPLOY_SOPHOSXG_PFX_PASSWORD: OPTIONAL - Defaults to "s0ph0sXG" - password for temporary Pkcs file
- DEPLOY_SOPHOSXG_HTTPS_INSECURE: OPTIONAL - Defaults to "1" - Don't verify HTTPS on appliance (often Admin UI is self-signed)
Other Requirements
- API access needs to be enabled on the Sophos XG appliance
- Requires "curl" to work...purely because I am not sure how to do the same process with "wget".
Apologies for the bunch of commits...but this should now be good to go.
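A preflight check for the variables listed above, as an added example that is not part of the original post or of acme.sh. The helper name sophosxg_preflight is hypothetical, and it assumes that any DEPLOY_SOPHOSXG_HTTPS_INSECURE value other than "1" turns certificate verification on, which the page does not state.

```shell
#!/bin/sh
# Added example: audit the DEPLOY_SOPHOSXG_* settings before deploying.
# sophosxg_preflight is a hypothetical helper, not part of acme.sh.
# Prints one finding per line. Returns 1 if a REQUIRED value is missing
# or malformed, 0 otherwise (warnings alone do not fail the check).
sophosxg_preflight() {
  rc=0
  # REQUIRED: appliance admin UI as "host:port" with a numeric port.
  case "${DEPLOY_SOPHOSXG_HOST:-}" in
    "") echo "ERROR: DEPLOY_SOPHOSXG_HOST is not set"; rc=1 ;;
    *:*)
      port=${DEPLOY_SOPHOSXG_HOST##*:}
      case "$port" in
        ""|*[!0-9]*) echo "ERROR: DEPLOY_SOPHOSXG_HOST port is not numeric"; rc=1 ;;
      esac ;;
    *) echo "ERROR: DEPLOY_SOPHOSXG_HOST must be host:port"; rc=1 ;;
  esac
  [ -n "${DEPLOY_SOPHOSXG_USER:-}" ] || { echo "ERROR: DEPLOY_SOPHOSXG_USER is not set"; rc=1; }
  [ -n "${DEPLOY_SOPHOSXG_PASSWORD:-}" ] || { echo "ERROR: DEPLOY_SOPHOSXG_PASSWORD is not set"; rc=1; }
  # The documented default "1" skips HTTPS verification, so the admin
  # credentials go to an endpoint whose certificate is never checked.
  # Assumption: a value other than "1" enables verification.
  if [ "${DEPLOY_SOPHOSXG_HTTPS_INSECURE:-1}" = "1" ]; then
    echo "WARN: HTTPS verification is off for the admin credentials"
  fi
  # The documented default PFX password is public, so it does not protect
  # the private key inside the temporary PKCS file.
  if [ "${DEPLOY_SOPHOSXG_PFX_PASSWORD:-s0ph0sXG}" = "s0ph0sXG" ]; then
    echo "WARN: temporary PKCS file uses the documented default password"
  fi
  return "$rc"
}
```

Run it in the same shell before the deploy command, for example `sophosxg_preflight && acme.sh -d <domain> --deploy --deploy-hook sophosxg`, after exporting the variables.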