forked from TrueCloudLab/lego
Add optional support for .pem output (.crt + .key)
This commit is contained in:
parent
b2fad61981
commit
941e753c80
2 changed files with 17 additions and 0 deletions
4
cli.go
4
cli.go
|
@ -158,6 +158,10 @@ func main() {
|
||||||
Name: "dns-timeout",
|
Name: "dns-timeout",
|
||||||
Usage: "Set the DNS timeout value to a specific value in seconds. The default is 10 seconds.",
|
Usage: "Set the DNS timeout value to a specific value in seconds. The default is 10 seconds.",
|
||||||
},
|
},
|
||||||
|
cli.BoolFlag{
|
||||||
|
Name: "pem",
|
||||||
|
Usage: "Generate a .pem file by concatanating the .key and .crt files together.",
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
err = app.Run(os.Args)
|
err = app.Run(os.Args)
|
||||||
|
|
|
@ -2,6 +2,7 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bufio"
|
"bufio"
|
||||||
|
"bytes"
|
||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"encoding/pem"
|
"encoding/pem"
|
||||||
|
@ -143,6 +144,7 @@ func saveCertRes(certRes acme.CertificateResource, conf *Configuration) {
|
||||||
// as web servers would not be able to work with a combined file.
|
// as web servers would not be able to work with a combined file.
|
||||||
certOut := path.Join(conf.CertPath(), certRes.Domain+".crt")
|
certOut := path.Join(conf.CertPath(), certRes.Domain+".crt")
|
||||||
privOut := path.Join(conf.CertPath(), certRes.Domain+".key")
|
privOut := path.Join(conf.CertPath(), certRes.Domain+".key")
|
||||||
|
pemOut := path.Join(conf.CertPath(), certRes.Domain+".pem")
|
||||||
metaOut := path.Join(conf.CertPath(), certRes.Domain+".json")
|
metaOut := path.Join(conf.CertPath(), certRes.Domain+".json")
|
||||||
|
|
||||||
err := ioutil.WriteFile(certOut, certRes.Certificate, 0600)
|
err := ioutil.WriteFile(certOut, certRes.Certificate, 0600)
|
||||||
|
@ -156,6 +158,17 @@ func saveCertRes(certRes acme.CertificateResource, conf *Configuration) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger().Fatalf("Unable to save PrivateKey for domain %s\n\t%s", certRes.Domain, err.Error())
|
logger().Fatalf("Unable to save PrivateKey for domain %s\n\t%s", certRes.Domain, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if conf.context.GlobalBool("pem") {
|
||||||
|
err = ioutil.WriteFile(pemOut, bytes.Join([][]byte{certRes.Certificate, certRes.PrivateKey}, nil), 0600)
|
||||||
|
if err != nil {
|
||||||
|
logger().Fatalf("Unable to save Certificate and PrivateKey in .pem for domain %s\n\t%s", certRes.Domain, err.Error())
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
} else if conf.context.GlobalBool("pem") {
|
||||||
|
// we don't have the private key; can't write the .pem file
|
||||||
|
logger().Fatalf("Unable to save pem without private key for domain %s\n\t%s; are you using a CSR?", certRes.Domain, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
jsonBytes, err := json.MarshalIndent(certRes, "", "\t")
|
jsonBytes, err := json.MarshalIndent(certRes, "", "\t")
|
||||||
|
|
Loading…
Reference in a new issue