Update renew with force flag.

Clean old certificates in volumes on start.

examples/docker/Makefile

@@ -5,7 +5,6 @@ binaries:
 	GOOS=linux go build -o renewer/step github.com/smallstep/cli/cmd/step
 
 build: build-nginx build-ca build-renewer
-
 build-nginx:
 	docker build -t nginx-test:latest nginx
 build-ca:
@@ -21,3 +20,6 @@ down:
 
 inspect:
 	step certificate inspect https://localhost:4443 --insecure
+
+.PHONY: all binaries up down inspect
+.PHONY: build build-nginx build-ca build-renewer

examples/docker/renewer/crontab

@@ -1,2 +1,2 @@
 # min	hour	day	month	weekday	command
-*	*	*	*	*	rm -f /var/local/step/site-new.crt && step ca renew --out /var/local/step/site-new.crt /var/local/step/site.crt /var/local/step/site.key && mv /var/local/step/site-new.crt /var/local/step/site.crt
+*	*	*	*	*	step ca renew --force /var/local/step/site.crt /var/local/step/site.key

examples/docker/renewer/entrypoint.sh

@@ -3,16 +3,16 @@
 # Wait for CA
 sleep 5
 
-if [ ! -f /var/local/step/root_ca.crt ]; then
-    # Donwload the root certificate
-    step ca root /var/local/step/root_ca.crt
-fi
+# Clean old certificates
+rm -f /var/local/step/root_ca.crt
+rm -f /var/local/step/site.crt /var/local/step/site.key
 
-if [ ! -f /var/local/step/site.crt ]; then
-    # Get token
-    STEP_TOKEN=$(step ca token $COMMON_NAME)
-    # Donwload the root certificate
-    step ca certificate --token $STEP_TOKEN $COMMON_NAME /var/local/step/site.crt /var/local/step/site.key
-fi
+# Donwload the root certificate
+step ca root /var/local/step/root_ca.crt
+
+# Get token
+STEP_TOKEN=$(step ca token $COMMON_NAME)
+# Donwload the root certificate
+step ca certificate --token $STEP_TOKEN $COMMON_NAME /var/local/step/site.crt /var/local/step/site.key
 
 exec "$@"