-rw-r--r--authorize.go18
-rw-r--r--certificate.go4
-rw-r--r--cmd/acme/main.go12
-rw-r--r--desire.go20
4 files changed, 28 insertions, 26 deletions
diff --git a/authorize.go b/authorize.go
index a019aed..55e8edf 100644
--- a/authorize.go
+++ b/authorize.go
@@ -63,16 +63,18 @@ func (p *Provider) authorize(s Signer, domain string, sol map[ChalType]Solver) (
return req.Supported(sol), nil
}
-func (p *Provider) Authorize(s Signer, d *Desire, domain string) error {
- chal, err := p.authorize(s, domain, d.solver)
- if err != nil {
- return err
- }
- for _, ch := range chal {
- sol := d.solver[ch.Type]
- if err := p.Solve(s, ch, sol); err != nil {
+func (p *Provider) Authorize(s Signer, d *Desire) error {
+ for _, domain := range d.altnames {
+ chal, err := p.authorize(s, domain, d.solver)
+ if err != nil {
return err
}
+ for _, ch := range chal {
+ sol := d.solver[ch.Type]
+ if err := p.Solve(s, ch, sol); err != nil {
+ return err
+ }
+ }
}
return nil
}
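Review bot: Errors returned from inside the new `for _, domain := range d.altnames` loop no longer say which name failed. The caller in cmd/acme/main.go used to log each domain before calling Authorize and now logs the whole list once. Wrapping both returns, e.g. `return fmt.Errorf("authorize %s: %v", domain, err)`, keeps a failed authorization traceable to a name (assuming `fmt` is or can be imported in this file). The exported method also has no doc comment; `// Authorize obtains and solves the supported challenges for every name in d.altnames, stopping at the first error.` would state the new contract.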
diff --git a/certificate.go b/certificate.go
index 3a338ba..999e718 100644
--- a/certificate.go
+++ b/certificate.go
@@ -5,8 +5,8 @@ type CSR struct {
CSR string `json:"csr"`
}
-func (p *Provider) Bundle(s Signer, d *Desire, altnames []string) error {
- csr, err := d.CSR(altnames)
+func (p *Provider) Bundle(s Signer, d *Desire) error {
+ csr, err := d.CSR()
if err != nil {
return err
}
diff --git a/cmd/acme/main.go b/cmd/acme/main.go
index 684b8cb..a87213a 100644
--- a/cmd/acme/main.go
+++ b/cmd/acme/main.go
@@ -56,7 +56,7 @@ func main() {
}
for _, v := range v.Domain {
- des, err := acme.NewDesire(v.KeySize)
+ des, err := acme.NewDesire(v.Altnames, v.KeySize)
if err != nil {
log.Fatal(err)
}
@@ -73,15 +73,13 @@ func main() {
log.Fatal("no solver")
}
- for _, domain := range v.Altnames {
- log.Println("Authorize", domain)
- if err := prov.Authorize(acc, des, domain); err != nil {
- log.Fatal(err)
- }
+ log.Println("Authorize", v.Altnames)
+ if err := prov.Authorize(acc, des); err != nil {
+ log.Fatal(err)
}
log.Println("Request bundle for", v.Altnames)
- if err := prov.Bundle(acc, des, v.Altnames); err != nil {
+ if err := prov.Bundle(acc, des); err != nil {
log.Fatal(err)
}
diff --git a/desire.go b/desire.go
index 25c5ebd..4e7392a 100644
--- a/desire.go
+++ b/desire.go
@@ -10,18 +10,20 @@ import (
)
type Desire struct {
- cert tls.Certificate
- solver map[ChalType]Solver
+ cert tls.Certificate
+ altnames []string
+ solver map[ChalType]Solver
}
-func NewDesire(size int) (*Desire, error) {
+func NewDesire(altnames []string, size int) (*Desire, error) {
key, err := rsa.GenerateKey(rand.Reader, size)
if err != nil {
return nil, err
}
return &Desire{
- cert: tls.Certificate{PrivateKey: key},
- solver: make(map[ChalType]Solver),
+ cert: tls.Certificate{PrivateKey: key},
+ altnames: altnames,
+ solver: make(map[ChalType]Solver),
}, nil
}
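Review bot: NewDesire stores `altnames` without checking it, and an empty slice now fails late: CSR in this file indexes `d.altnames[0]` and would panic, while Authorize in authorize.go would loop zero times and return nil without authorizing anything. Rejecting it at construction, `if len(altnames) == 0 { return nil, errors.New("acme: no altnames") }`, turns both into one early error (it needs `errors` imported; the import block is only partly visible in this hunk). Since the same slice now decides both which names are authorized and which go into the CSR, storing a copy, `altnames: append([]string(nil), altnames...)`, would keep a later change by the caller from altering the Desire.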
@@ -33,12 +35,12 @@ func (d *Desire) HasSolver() bool {
return len(d.solver) > 0
}
-func (d *Desire) CSR(altnames []string) (string, error) {
+func (d *Desire) CSR() (string, error) {
tmpl := x509.CertificateRequest{
- Subject: pkix.Name{CommonName: altnames[0]},
+ Subject: pkix.Name{CommonName: d.altnames[0]},
}
- if len(altnames) > 1 {
- tmpl.DNSNames = altnames
+ if len(d.altnames) > 1 {
+ tmpl.DNSNames = d.altnames
}
der, err := x509.CreateCertificateRequest(rand.Reader, &tmpl, d.cert.PrivateKey)
if err != nil {
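Review bot: With a single name, `len(d.altnames) > 1` leaves `tmpl.DNSNames` empty, so the request carries that name only in `Subject.CommonName` and has no subjectAltName entry. Whether the CA accepts a CN-only CSR is not visible here; setting `tmpl.DNSNames = d.altnames` unconditionally would put every name in the SAN extension regardless of count. The condition predates this commit, and CSR's body continues past the end of the hunk.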