rpki is a wrapper package that PKI-enables the httr package and the built-in download.file()
method. Conceptually, rpki is similar to the Python pypki2 and ipydeps packages, and is intended to use the same mypki configuration file.
rpki
if necessary.rpki
folder was downloaded.R CMD INSTALL rpki
At minimum, you must provide a pkcs#12 file (and password) and Certificate Authority bundle
library(rpki)
pki_enable_httr(pki_file = '/path/to/my/pki_file.p12', ca_file = 'path/to/my/ca_bundle.crt')
resp <- GET('https://your.pki.enabled.website/path/to/whatever')
Alternatively, the pki file and CA bundle can be defined in a configuration file (see below) and placed in your home directory at ~/.mypki
for reuse. You only need to provide the pki password once per R session.
library(rpki)
pki_enable_httr()
resp <- GET('https://your.pki.enabled.website/path/to/whatever')
rpki can run in interactive or non-interactive R sessions. The major difference is the pki passphrase must be passed in plain text for non-interactive sessions (see examples below). All examples below assume a mypki configuration file has been created (see section on .mypki configuration file).
library(rpki)
pki_enable_httr() # will prompt for pki passphrase if necessary
GET('https://your.pki.enabled.website/path/to/whatever')
rpki can run in non-interactive sessions when the pki passphrase is explicitly provided.
library(rpki)
pki_enable_httr(password = 'my_pki_passphrase') # will not prompt for pki passphrase
GET('https://your.pki.enabled.website/path/to/whatever')
library(rpki)
pki_enable_download_file() # will prompt for passphrase
install.packages('my_private_package')
library(rpki)
pki_enable_download_file(password = 'my_pki_passphrase')
install.packages('my_private_package')
Configuration options can be explicitly defined in order to override default settings (interactive or non-interactive mode).
library(rpki)
pki_enable_httr(ca_file = '/path/to/certificate_authority.crt',
pki_file = '/path/to/my/pki.p12',
override = TRUE)
GET('https://your.pki.enabled.website/path/to/whatever')
pki_enable_download_file() # will not prompt for password again
install.packages('my_private_package')
library(rpki)
pki_enable_httr(ca_file = '/path/to/certificate_authority.crt',
pki_file = '/path/to/my/pki.p12',
password = 'my_pki_passphrase',
override = TRUE)
GET('https://your.pki.enabled.website/path/to/whatever')
pki_enable_download_file() # will not prompt for password again
install.packages('my_private_package')
By default rpki expects a .mypki configuration file to be located in the user's home directory at ~/.mypki
. If the configuration file is invalid or corrupt, the user will be prompted for file paths to a certificate authority bundle and a PKI file. rpki will only prompt the user for a pki passphrase once per R session.
To pki-enable the httr package, rpki modifies the following httr config settings cainfo sslcert sslkey keypasswd
To pki-enable the download.file()
method, the download method is set to "curl" and the following extra curl command line arguments are set
cacert
cert
key
pass
By modifying download.file()
, the standard install.packages()
function can be used to install packages over secure connections (https).
A .mypki
configuration file is in json format and defines the absolute file paths to a Certificate Authority (CA) bundle and a pkcs#12 digital certificate.
{
"ca": "/path/to/certificate_authority_bundle.crt",
"p12": {
"path": "/path/to/pki_digital_certificate.p12"
}
}
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.