// ACME CLI tool package main import ( "flag" "log" "os" "runtime/trace" "dim13.org/acme" ) var ( confName = flag.String("conf", "acme.toml", "configuration file") tracing = flag.String("trace", "", "trace output") ) func prepare(conf *Config) error { var err error for k, acc := range conf.Account { log.Println("LoadAccount", k) acc.Account, err = acme.LoadAccount(acc.Key) if err != nil { log.Println("NewAccount", k) acc.Account, err = acme.NewAccount(acc.KeySize) if err != nil { return err } if err := acc.Account.Save(acc.Key); err != nil { return err } } acc.Contacts.AddMail(acc.Mail) acc.Contacts.AddPhone(acc.Phone) conf.Account[k] = acc } for k, des := range conf.Desire { log.Println("NewDesire", k) des.Desire, err = acme.NewDesire(des.Altnames, des.KeySize) if err != nil { return err } conf.Desire[k] = des } for k, pro := range conf.Provider { log.Println("DialProvider", k) pro.Provider, err = acme.DialProvider(pro.Directory) if err != nil { return err } conf.Provider[k] = pro } return nil } func satisfice(des *desire) error { if !des.account.registered { log.Println("register acc") if err := des.provider.Register(des.account, des.account.Contacts); err != nil { return err } des.account.registered = true } if err := des.provider.Authorize(des.account, des.Desire); err != nil { return err } if err := des.provider.Bundle(des.account, des.Desire); err != nil { return err } if err := des.Save(des.Cert, des.Key); err != nil { return err } return nil } func main() { flag.Parse() if *tracing != "" { f, err := os.Create(*tracing) if err != nil { log.Fatal(err) } trace.Start(f) defer trace.Stop() } conf, err := LoadConfig(*confName) if err != nil { log.Fatal(err) } var httpSol, tlsSol acme.Solver if conf.Defaults.Listen != "" { httpSol, err = acme.NewHTTPSolver(conf.Defaults.Listen) if err != nil { log.Println(err) } } if conf.Defaults.ListenTLS != "" { tlsSol, err = acme.NewTLSSolver(conf.Defaults.ListenTLS) if err != nil { log.Println(err) } } if err := prepare(conf); err != nil { log.Fatal(err) } for k, des := range conf.Desire { if des.Webroot != "" { wrSol := acme.NewWebrootSolver(des.Webroot) des.RegisterSolver(acme.ChallengeHTTP, wrSol) } else if httpSol != nil { des.RegisterSolver(acme.ChallengeHTTP, httpSol) } if tlsSol != nil { des.RegisterSolver(acme.ChallengeTLS, tlsSol) } if !des.HasSolver() { log.Fatal("no Solver available") } log.Println("satisfice", k) if err := satisfice(des); err != nil { log.Fatal(err) } } }