From 941e753c80d70b4405e9df289b9d78b06b45eeca Mon Sep 17 00:00:00 2001 From: Joshua Boelter Date: Sat, 18 Jun 2016 22:55:15 -0700 Subject: [PATCH] Add optional support for .pem output (.crt + .key) --- cli.go | 4 ++++ cli_handlers.go | 13 +++++++++++++ 2 files changed, 17 insertions(+) diff --git a/cli.go b/cli.go index 9747ab98..b94c7b6d 100644 --- a/cli.go +++ b/cli.go @@ -158,6 +158,10 @@ func main() { Name: "dns-timeout", Usage: "Set the DNS timeout value to a specific value in seconds. The default is 10 seconds.", }, + cli.BoolFlag{ + Name: "pem", + Usage: "Generate a .pem file by concatanating the .key and .crt files together.", + }, } err = app.Run(os.Args) diff --git a/cli_handlers.go b/cli_handlers.go index 99da0144..6963a545 100644 --- a/cli_handlers.go +++ b/cli_handlers.go @@ -2,6 +2,7 @@ package main import ( "bufio" + "bytes" "crypto/x509" "encoding/json" "encoding/pem" @@ -143,6 +144,7 @@ func saveCertRes(certRes acme.CertificateResource, conf *Configuration) { // as web servers would not be able to work with a combined file. certOut := path.Join(conf.CertPath(), certRes.Domain+".crt") privOut := path.Join(conf.CertPath(), certRes.Domain+".key") + pemOut := path.Join(conf.CertPath(), certRes.Domain+".pem") metaOut := path.Join(conf.CertPath(), certRes.Domain+".json") err := ioutil.WriteFile(certOut, certRes.Certificate, 0600) @@ -156,6 +158,17 @@ func saveCertRes(certRes acme.CertificateResource, conf *Configuration) { if err != nil { logger().Fatalf("Unable to save PrivateKey for domain %s\n\t%s", certRes.Domain, err.Error()) } + + if conf.context.GlobalBool("pem") { + err = ioutil.WriteFile(pemOut, bytes.Join([][]byte{certRes.Certificate, certRes.PrivateKey}, nil), 0600) + if err != nil { + logger().Fatalf("Unable to save Certificate and PrivateKey in .pem for domain %s\n\t%s", certRes.Domain, err.Error()) + } + } + + } else if conf.context.GlobalBool("pem") { + // we don't have the private key; can't write the .pem file + logger().Fatalf("Unable to save pem without private key for domain %s\n\t%s; are you using a CSR?", certRes.Domain, err.Error()) } jsonBytes, err := json.MarshalIndent(certRes, "", "\t")