authorDimitri Sokolyuk <demon@dim13.org>2016-01-27 18:07:23 +0100
committerDimitri Sokolyuk <demon@dim13.org>2016-01-27 18:07:23 +0100
commit39176b1d4c6c23cb17d76dfe1549353045236dcd (patch)
treeaa43b698a08d2f2907ca544ce9277f1caae4f52e /solve_tls.go
parent7cbd3c0ae402391e18d501039428def8a2e60bc2 (diff)
Start testing
Diffstat (limited to 'solve_tls.go')
-rw-r--r--solve_tls.go15
1 files changed, 9 insertions, 6 deletions
diff --git a/solve_tls.go b/solve_tls.go
index 97a0ede..876a39a 100644
--- a/solve_tls.go
+++ b/solve_tls.go
@@ -33,7 +33,7 @@ func NewTLSSolver(addr string) Solver {
return s
}
-func newCert(keyAuth string) (tls.Certificate, error) {
+func newCert(domain string) (tls.Certificate, error) {
fail := func(err error) (tls.Certificate, error) {
return tls.Certificate{}, err
}
@@ -46,9 +46,6 @@ func newCert(keyAuth string) (tls.Certificate, error) {
if err != nil {
return fail(err)
}
- hash := sha256.Sum256([]byte(keyAuth))
- z := hex.EncodeToString(hash[:])
- name := z[:32] + "." + z[32:] + tlsSuffix
tmpl := x509.Certificate{
SerialNumber: serial,
Subject: pkix.Name{
@@ -60,7 +57,7 @@ func newCert(keyAuth string) (tls.Certificate, error) {
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
BasicConstraintsValid: true,
SignatureAlgorithm: x509.SHA256WithRSA,
- DNSNames: []string{name},
+ DNSNames: []string{domain},
}
crt, err := x509.CreateCertificate(rand.Reader, &tmpl, &tmpl, key.Public(), key)
if err != nil {
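Review bot: newCert has no doc comment, and after this change `DNSNames: []string{domain}` copies whatever the caller passes into the certificate's SAN, with nothing stating what is allowed there. The challenge-name derivation no longer lives in this function, so a comment such as `// newCert returns a throwaway self-signed server certificate whose only SAN is domain; it is meant for challenge names produced by sniName.` would record the intended contract. An empty domain is not rejected in the visible lines, so an early guard returning through `fail` may be worth adding. The function begins and ends outside this hunk, so a check elsewhere in the body cannot be ruled out.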
@@ -72,9 +69,15 @@ func newCert(keyAuth string) (tls.Certificate, error) {
}, nil
}
+func sniName(keyAuth string) string {
+ hash := sha256.Sum256([]byte(keyAuth))
+ z := hex.EncodeToString(hash[:])
+ return z[:32] + "." + z[32:] + tlsSuffix
+}
+
func (s *tlsSolver) Solve(_, keyAuth string) error {
log.Println("solve tls")
- crt, err := newCert(keyAuth)
+ crt, err := newCert(sniName(keyAuth))
if err != nil {
return err
}
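Review bot: sniName is added without a doc comment, and the slicing `z[:32]` / `z[32:]` is safe only because a SHA-256 digest always hex-encodes to 64 characters, which a reader has to work out. A comment like `// sniName returns the challenge host name for keyAuth: the hex SHA-256 digest split into two 32-character labels, followed by tlsSuffix.` would state that. Given the commit title, a test pinning the output for one fixed keyAuth would lock the format in. The derivation looks like ACME TLS-SNI-01, which Let's Encrypt disabled in 2018 in favour of TLS-ALPN-01, so it is worth confirming the solver is still meant to be used. Solve continues past the end of the hunk.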