-rw-r--r--solve_http.go6
-rw-r--r--solve_tls.go40
2 files changed, 43 insertions, 3 deletions
diff --git a/solve_http.go b/solve_http.go
index cf08669..d80bf4c 100644
--- a/solve_http.go
+++ b/solve_http.go
@@ -2,6 +2,7 @@ package acme
import (
"io"
+ "log"
"net/http"
"path"
)
@@ -11,14 +12,15 @@ type httpSolver struct {
}
func NewHTTPSolver(addr string) Solver {
- var s httpSolver
+ s := new(httpSolver)
s.Server = http.Server{Addr: addr}
go s.ListenAndServe()
- return &s
+ return s
}
func (s *httpSolver) Solve(token, keyAuth string) error {
p := path.Join(WellKnown, token)
+ log.Println("solve", p)
http.HandleFunc(p, func(w http.ResponseWriter, r *http.Request) {
io.WriteString(w, keyAuth)
})
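Review bot: `http.HandleFunc(p, ...)` in Solve registers the challenge handler on the process-wide DefaultServeMux, and `s.Server` is built without a Handler, so the challenge listener also serves every other handler the process has registered there. A second Solve for the same token will also panic on the duplicate pattern, and nothing visible here removes the handler once the challenge is done. Give the solver its own mux in NewHTTPSolver, `mux := http.NewServeMux()` and `s.Server = http.Server{Addr: addr, Handler: mux}`, keep it on the struct, and register with `mux.HandleFunc(p, ...)`. The error from `go s.ListenAndServe()` is discarded, so a failed bind goes unnoticed and validation simply times out; the same call in NewTLSSolver in solve_tls.go has the same problem. Solve's body continues past the end of the hunk.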
diff --git a/solve_tls.go b/solve_tls.go
index 98be2a0..b9fd20d 100644
--- a/solve_tls.go
+++ b/solve_tls.go
@@ -1,12 +1,50 @@
package acme
-import "net/http"
+import (
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/x509"
+ "crypto/x509/pkix"
+ "math/big"
+ "net/http"
+ "time"
+)
+
+const tlsKeySize = 2048
type tlsSolver struct {
http.Server
}
+func NewTLSSolver(addr string) Solver {
+ s := new(tlsSolver)
+ s.Server = http.Server{Addr: addr}
+ go s.ListenAndServe()
+ return s
+}
+
func (s *tlsSolver) Solve(token, keyAuth string) error {
+ tlsKey, err := rsa.GenerateKey(rand.Reader, tlsKeySize)
+ if err != nil {
+ return err
+ }
+ serialMax := new(big.Int).Lsh(big.NewInt(1), 128)
+ serial, err := rand.Int(rand.Reader, serialMax)
+ if err != nil {
+ return err
+ }
+ tmpl := x509.Certificate{
+ SerialNumber: serial,
+ Subject: pkix.Name{
+ Organization: []string{"Acme Co"},
+ },
+ NotBefore: time.Now(),
+ NotAfter: time.Now().Add(time.Hour),
+ KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
+ ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
+ BasicConstraintsValid: true,
+ }
+ _, _ = tlsKey, tmpl
return nil
}
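Review bot: Solve returns nil after `_, _ = tlsKey, tmpl`, so the caller is told the challenge is provisioned although no certificate is created or served. Until the certificate is actually built and installed it should fail closed, for example `return errors.New("acme: tls solver not implemented")`, which needs `"errors"` added to the import block. NewTLSSolver starts the server with `go s.ListenAndServe()`, which serves plain HTTP and sets no TLSConfig, so this listener cannot answer a TLS handshake as written. The template also sets no DNSNames, which a name-based TLS challenge would presumably need. A short comment on `tlsKeySize` and on why the certificate lifetime is one hour would help the next reader.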