aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDimitri Sokolyuk <demon@dim13.org>2016-03-18 17:08:47 +0100
committerDimitri Sokolyuk <demon@dim13.org>2016-03-18 17:08:47 +0100
commit40a9ef230ee6112e6e8bf5981a4e18a17f34e307 (patch)
tree69338560fe2a6085abcd773aceca5eda82e5c3c4
parent67e61eb82fe9fcb69f47037a1a4917dc9cfdd777 (diff)
Add emails to CSR
-rw-r--r--certificate.go4
-rw-r--r--cmd/acme/main.go2
-rw-r--r--cmd/batch/main.go2
-rw-r--r--crypto.go5
4 files changed, 8 insertions, 5 deletions
diff --git a/certificate.go b/certificate.go
index 05ad0f1..26f701c 100644
--- a/certificate.go
+++ b/certificate.go
@@ -10,9 +10,9 @@ type CSR struct {
CSR string `json:"csr"`
}
-func (p *Provider) Bundle(s *Signer, key crypto.PrivateKey, altnames []string) (tls.Certificate, error) {
+func (p *Provider) Bundle(s *Signer, key crypto.PrivateKey, altnames, emails []string) (tls.Certificate, error) {
cert := tls.Certificate{PrivateKey: key}
- csr, err := NewCSR(key, altnames)
+ csr, err := NewCSR(key, altnames, emails)
if err != nil {
return cert, err
}
diff --git a/cmd/acme/main.go b/cmd/acme/main.go
index cd80451..faff013 100644
--- a/cmd/acme/main.go
+++ b/cmd/acme/main.go
@@ -106,7 +106,7 @@ func requestCert(prov *acme.Provider, sig *acme.Signer, d domain) error {
}
log.Println("Request bundle for", d.Altnames)
- cert, err := prov.Bundle(sig, c.PrivateKey, d.Altnames)
+ cert, err := prov.Bundle(sig, c.PrivateKey, d.Altnames, nil)
if err != nil {
return err
}
diff --git a/cmd/batch/main.go b/cmd/batch/main.go
index f0a75f0..28620e3 100644
--- a/cmd/batch/main.go
+++ b/cmd/batch/main.go
@@ -8,7 +8,7 @@ func main() {
log.Fatal(err)
}
for _, c := range crt {
- log.Printf("%+v\n", c)
+ log.Printf("%+v\n", c.Leaf.NotAfter)
}
if len(*emails) > 0 && len(*domains) > 0 {
log.Println(*emails)
diff --git a/crypto.go b/crypto.go
index f6aad30..a8ecb41 100644
--- a/crypto.go
+++ b/crypto.go
@@ -93,13 +93,16 @@ func NewKey(size int) (crypto.PrivateKey, error) {
}
}
-func NewCSR(key crypto.PrivateKey, altnames []string) (string, error) {
+func NewCSR(key crypto.PrivateKey, altnames, emails []string) (string, error) {
tmpl := x509.CertificateRequest{
Subject: pkix.Name{CommonName: altnames[0]},
}
if len(altnames) > 1 {
tmpl.DNSNames = altnames
}
+ if len(emails) > 1 {
+ tmpl.EmailAddresses = emails
+ }
der, err := x509.CreateCertificateRequest(rand.Reader, &tmpl, key)
if err != nil {
return "", err