Add optional support for .pem output (.crt + .key)

This commit is contained in:
Joshua Boelter 2016-06-18 22:55:15 -07:00
parent b2fad61981
commit 941e753c80
2 changed files with 17 additions and 0 deletions

4
cli.go
View file

@ -158,6 +158,10 @@ func main() {
Name: "dns-timeout",
Usage: "Set the DNS timeout value to a specific value in seconds. The default is 10 seconds.",
},
cli.BoolFlag{
Name: "pem",
Usage: "Generate a .pem file by concatanating the .key and .crt files together.",
},
}
err = app.Run(os.Args)

View file

@ -2,6 +2,7 @@ package main
import (
"bufio"
"bytes"
"crypto/x509"
"encoding/json"
"encoding/pem"
@ -143,6 +144,7 @@ func saveCertRes(certRes acme.CertificateResource, conf *Configuration) {
// as web servers would not be able to work with a combined file.
certOut := path.Join(conf.CertPath(), certRes.Domain+".crt")
privOut := path.Join(conf.CertPath(), certRes.Domain+".key")
pemOut := path.Join(conf.CertPath(), certRes.Domain+".pem")
metaOut := path.Join(conf.CertPath(), certRes.Domain+".json")
err := ioutil.WriteFile(certOut, certRes.Certificate, 0600)
@ -156,6 +158,17 @@ func saveCertRes(certRes acme.CertificateResource, conf *Configuration) {
if err != nil {
logger().Fatalf("Unable to save PrivateKey for domain %s\n\t%s", certRes.Domain, err.Error())
}
if conf.context.GlobalBool("pem") {
err = ioutil.WriteFile(pemOut, bytes.Join([][]byte{certRes.Certificate, certRes.PrivateKey}, nil), 0600)
if err != nil {
logger().Fatalf("Unable to save Certificate and PrivateKey in .pem for domain %s\n\t%s", certRes.Domain, err.Error())
}
}
} else if conf.context.GlobalBool("pem") {
// we don't have the private key; can't write the .pem file
logger().Fatalf("Unable to save pem without private key for domain %s\n\t%s; are you using a CSR?", certRes.Domain, err.Error())
}
jsonBytes, err := json.MarshalIndent(certRes, "", "\t")