author | Dimitri Sokolyuk <demon@dim13.org> | 2016-01-14 01:03:13 +0100 |
---|---|---|
committer | Dimitri Sokolyuk <demon@dim13.org> | 2016-01-14 01:03:13 +0100 |
commit | daf5a7d875e9744abf462c09b1a5cef77a98e9fd (patch) | |
tree | 95b461ffdd0a18740ac5a0883ec6782a7a2a9999 | |
parent | 92023bf6e060e2adf240964d2d7589c43eca7f75 (diff) |
Backup old cert and key
-rw-r--r-- | README.md | 5 | ||||
-rw-r--r-- | cmd/acme/docker.toml | 9 | ||||
-rw-r--r-- | desire.go | 11 | ||||
-rw-r--r-- | provider.go | 6 |
4 files changed, 28 insertions, 3 deletions
@@ -91,3 +91,8 @@ slogin -R \*:80:localhost:8080 -N root@docker.moccu.com
 - account key (signer)
 - cert key (desire)
 - altnames (desire)
+
+# redesign
+
+- account -> signer
+- desire -> map[domain]signer
diff --git a/cmd/acme/docker.toml b/cmd/acme/docker.toml
index bd1c359..7a2abae 100644
--- a/cmd/acme/docker.toml
+++ b/cmd/acme/docker.toml
@@ -16,11 +16,18 @@ key = "private/webmaster.key"
 [desire.docker]
 provider = "les"
 account = "webmaster"
-altnames = [ "docker.moccu.com" ]
+altnames = [ "docker.moccu.com", "test.docker.moccu.com" ]
 key = "private/docker_moccu_com.key"
 cert = "certs/docker_moccu_com.pem"
 #webroot = "/var/www/htdocs"
 #hooks = [ "nginx" ]
 
+[desire.www]
+provider = "les"
+account = "webmaster"
+altnames = [ "www.docker.moccu.com" ]
+key = "private/www_docker_moccu_com.key"
+cert = "certs/www_docker_moccu_com.pem"
+
 [hook.nginx]
 cmd = "sudo service nginx reload"
@@ -6,6 +6,7 @@ import (
 "crypto/x509"
 "crypto/x509/pkix"
 "encoding/base64"
+ "os"
 )
 
 type Desire struct {
@@ -40,7 +41,14 @@ func (d *Desire) RegisterSolver(c ChallengeType, s Solver) {
 d.solver[c] = s
 }
 
+func backup(fname string) error {
+ return os.Rename(fname, fname+".bak")
+}
+
 func (d *Desire) SaveKey(fname string) error {
+ if err := backup(fname); err != nil {
+ return err
+ }
 fd, err := CreatePrivFile(fname)
 if err != nil {
 return err
@@ -50,6 +58,9 @@ func (d *Desire) SaveKey(fname string) error {
 }
 
 func (d *Desire) SaveCert(fname string) error {
+ if err := backup(fname); err != nil {
+ return err
+ }
 fd, err := CreatePubFile(fname)
 if err != nil {
 return err
diff --git a/provider.go b/provider.go
index 953f2ad..cc1c46c 100644
--- a/provider.go
+++ b/provider.go
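Review bot: `backup` returns the `os.Rename` error unchanged, so `SaveKey` (and `SaveCert` in the next hunk) fails with a not-exist error whenever `fname` has never been written, which looks like the case for the `[desire.www]` key and cert paths this commit adds to docker.toml. A missing source should count as nothing to back up: `if err := os.Rename(fname, fname+".bak"); err != nil && !os.IsNotExist(err) { return err }` followed by `return nil`. A comment on `backup` should also say that only one generation is kept, since each successful call replaces the previous `.bak`, and that the superseded private key stays on disk under that name, so it needs to be covered by key clean-up after a rotation. SaveKey's body continues outside the hunk.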
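Review bot: The rename runs before `CreatePubFile`, so if creating or writing the new file fails, `SaveCert` returns with nothing at `fname` and the previous certificate reachable only as `fname+".bak"`; the same ordering applies to `SaveKey` in the previous hunk. Anything that reads these paths (the config mentions an nginx reload hook) would then find the file missing. Consider restoring on the error path, e.g. `if err != nil { os.Rename(fname+".bak", fname); return err }`, or writing the new content to a temporary file in the same directory and renaming it over `fname` only after the write succeeds. The rest of SaveCert's body is outside the hunk, so whether write errors are handled there cannot be checked from here.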
@@ -124,8 +124,9 @@ func (p *Provider) parseJson(resp *http.Response, v interface{}) (nextStep, erro
 return ns, problem(resp.Body)
 case "application/json":
 return ns, json.NewDecoder(resp.Body).Decode(v)
+ default:
+ return ns, errContentType
 }
- return ns, errContentType
 }
 
 func (p *Provider) parseCert(resp *http.Response) (*x509.Certificate, nextStep, error) {
@@ -137,8 +138,9 @@ func (p *Provider) parseCert(resp *http.Response) (*x509.Certificate, nextStep,
 case "application/pkix-cert":
 c, err := readCert(resp.Body)
 return c, ns, err
+ default:
+ return nil, ns, errContentType
 }
- return nil, ns, errContentType
 }
 
 func problem(r io.Reader) error { |