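package main

import (
	"crypto"
	"crypto/tls"
	"io"
	"os"
	"syscall"

	"dim13.org/acme"
)

// NewFile moves any existing file at fname aside to fname+".bak" and then
// creates a fresh file at fname, opened write-only with the given mode.
//
// The file is created with O_EXCL, so the call fails if something reappears
// at fname between the rename and the open instead of truncating it. An
// existing file (or a symlink planted at that path) would keep its own
// permissions and target, which matters for the 0600 private-key files
// written through this function. mode is still subject to the process umask.
//
// Only one backup generation is kept: os.Rename replaces a previous .bak.
// NOTE(review): the .bak copy keeps whatever permissions the old file had;
// for key files that means old key material stays on disk - confirm this is
// intended.
func NewFile(fname string, mode os.FileMode) (io.WriteCloser, error) {
	err := os.Rename(fname, fname+".bak")
	// A missing original is expected on first use; any other rename failure
	// is reported to the caller.
	if nerr, ok := err.(*os.LinkError); ok && nerr.Err != syscall.ENOENT {
		return nil, err
	}
	flags := os.O_WRONLY | os.O_CREATE | os.O_EXCL
	return os.OpenFile(fname, flags, mode)
}

// Save writes the private key of cert to d.KeyFile (mode 0600) and every
// certificate in cert.Certificate, in order, to d.CrtFile (mode 0644).
// The on-disk encoding is whatever acme.SaveKey and acme.SaveCert produce.
//
// Close errors are returned rather than dropped: a failed Close on a file
// that was just written can mean the key or chain never reached the disk.
func (d domain) Save(cert tls.Certificate) (err error) {
	// save key
	keyFd, err := NewFile(d.KeyFile, 0600)
	if err != nil {
		return err
	}
	err = acme.SaveKey(keyFd, cert.PrivateKey)
	// Close the key file before touching the certificate file so a close
	// failure is seen while the key is still the only thing written.
	if cerr := keyFd.Close(); err == nil {
		err = cerr
	}
	if err != nil {
		return err
	}

	// save certs
	crtFd, err := NewFile(d.CrtFile, 0644)
	if err != nil {
		return err
	}
	defer func() {
		// Keep the first error; only surface the close error on success.
		if cerr := crtFd.Close(); err == nil {
			err = cerr
		}
	}()
	for _, crt := range cert.Certificate {
		if err = acme.SaveCert(crtFd, crt); err != nil {
			return err
		}
	}
	return nil
}

// Save writes the account private key to a.KeyFile with mode 0600, moving
// any previous file aside via NewFile. A failure to close the freshly
// written file is returned to the caller.
func (a account) Save(key crypto.PrivateKey) (err error) {
	fd, err := NewFile(a.KeyFile, 0600)
	if err != nil {
		return err
	}
	defer func() {
		// Keep the first error; only surface the close error on success.
		if cerr := fd.Close(); err == nil {
			err = cerr
		}
	}()
	return acme.SaveKey(fd, key)
}

// Load opens a.KeyFile read-only and returns the private key decoded by
// acme.LoadKey. The file's permissions and ownership are not checked here.
func (a account) Load() (crypto.PrivateKey, error) {
	fd, err := os.Open(a.KeyFile)
	if err != nil {
		return nil, err
	}
	// Read-only handle: a close error cannot lose data, so it is ignored.
	defer fd.Close()
	return acme.LoadKey(fd)
}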