authorDimitri Sokolyuk <demon@dim13.org>2016-01-14 01:03:13 +0100
committerDimitri Sokolyuk <demon@dim13.org>2016-01-14 01:03:13 +0100
commitdaf5a7d875e9744abf462c09b1a5cef77a98e9fd (patch)
tree95b461ffdd0a18740ac5a0883ec6782a7a2a9999
parent92023bf6e060e2adf240964d2d7589c43eca7f75 (diff)
Backup old cert and key
-rw-r--r--README.md5
-rw-r--r--cmd/acme/docker.toml9
-rw-r--r--desire.go11
-rw-r--r--provider.go6
4 files changed, 28 insertions, 3 deletions
diff --git a/README.md b/README.md
index 6698687..a04c520 100644
--- a/README.md
+++ b/README.md
@@ -91,3 +91,8 @@ slogin -R \*:80:localhost:8080 -N root@docker.moccu.com
- account key (signer)
- cert key (desire)
- altnames (desire)
+
+# redesign
+
+- account -> signer
+- desire -> map[domain]signer
diff --git a/cmd/acme/docker.toml b/cmd/acme/docker.toml
index bd1c359..7a2abae 100644
--- a/cmd/acme/docker.toml
+++ b/cmd/acme/docker.toml
@@ -16,11 +16,18 @@ key = "private/webmaster.key"
[desire.docker]
provider = "les"
account = "webmaster"
-altnames = [ "docker.moccu.com" ]
+altnames = [ "docker.moccu.com", "test.docker.moccu.com" ]
key = "private/docker_moccu_com.key"
cert = "certs/docker_moccu_com.pem"
#webroot = "/var/www/htdocs"
#hooks = [ "nginx" ]
+[desire.www]
+provider = "les"
+account = "webmaster"
+altnames = [ "www.docker.moccu.com" ]
+key = "private/www_docker_moccu_com.key"
+cert = "certs/www_docker_moccu_com.pem"
+
[hook.nginx]
cmd = "sudo service nginx reload"
diff --git a/desire.go b/desire.go
index b945508..2110789 100644
--- a/desire.go
+++ b/desire.go
@@ -6,6 +6,7 @@ import (
"crypto/x509"
"crypto/x509/pkix"
"encoding/base64"
+ "os"
)
type Desire struct {
@@ -40,7 +41,14 @@ func (d *Desire) RegisterSolver(c ChallengeType, s Solver) {
d.solver[c] = s
}
+func backup(fname string) error {
+ return os.Rename(fname, fname+".bak")
+}
+
func (d *Desire) SaveKey(fname string) error {
+ if err := backup(fname); err != nil {
+ return err
+ }
fd, err := CreatePrivFile(fname)
if err != nil {
return err
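Review bot: `backup` returns the raw `os.Rename` error, so `SaveKey` fails on the first run, when `fname` does not exist yet, and no key is ever written; the `SaveCert` hunk below has the same problem. Treat a missing file as nothing to back up, e.g. `if err := os.Rename(fname, fname+".bak"); err != nil && !os.IsNotExist(err) { return err }` followed by `return nil`. For the key path, each run silently overwrites the previous `.bak`, and the superseded private key stays on disk under `fname+".bak"` with no cleanup, so that file needs the same access restrictions and rotation handling as the live key. The rename also runs before `CreatePrivFile`, so a failure there leaves the live path without any key; `SaveKey` continues outside the hunk, so whether it restores the backup on error cannot be seen from here.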
@@ -50,6 +58,9 @@ func (d *Desire) SaveKey(fname string) error {
}
func (d *Desire) SaveCert(fname string) error {
+ if err := backup(fname); err != nil {
+ return err
+ }
fd, err := CreatePubFile(fname)
if err != nil {
return err
diff --git a/provider.go b/provider.go
index 953f2ad..cc1c46c 100644
--- a/provider.go
+++ b/provider.go
@@ -124,8 +124,9 @@ func (p *Provider) parseJson(resp *http.Response, v interface{}) (nextStep, erro
return ns, problem(resp.Body)
case "application/json":
return ns, json.NewDecoder(resp.Body).Decode(v)
+ default:
+ return ns, errContentType
}
- return ns, errContentType
}
func (p *Provider) parseCert(resp *http.Response) (*x509.Certificate, nextStep, error) {
@@ -137,8 +138,9 @@ func (p *Provider) parseCert(resp *http.Response) (*x509.Certificate, nextStep,
case "application/pkix-cert":
c, err := readCert(resp.Body)
return c, ns, err
+ default:
+ return nil, ns, errContentType
}
- return nil, ns, errContentType
}
func problem(r io.Reader) error {