func (s *Store) downloadCertificate(c *Certificate) error {
log.Debugf("downloading certificate %v", c)
col := s.db.Collection("certs/" + c.ID())
if col == nil {
return fmt.Errorf("cannot get collection")
}
cl := acmeapi.Client{}
crt := acmeapi.Certificate{
URI: c.URL,
}
err := cl.WaitForCertificate(&crt, context.TODO())
if err != nil {
return err
}
if len(crt.Certificate) == 0 {
return fmt.Errorf("nil certificate?")
}
fcert, err := col.Create("cert")
if err != nil {
return err
}
defer fcert.CloseAbort()
fchain, err := col.Create("chain")
if err != nil {
return err
}
defer fchain.CloseAbort()
ffullchain, err := col.Create("fullchain")
if err != nil {
return err
}
defer ffullchain.CloseAbort()
err = pem.Encode(io.MultiWriter(fcert, ffullchain), &pem.Block{
Type: "CERTIFICATE",
Bytes: crt.Certificate,
})
if err != nil {
return err
}
for _, ec := range crt.ExtraCertificates {
err = pem.Encode(io.MultiWriter(fchain, ffullchain), &pem.Block{
Type: "CERTIFICATE",
Bytes: ec,
})
if err != nil {
return err
}
}
fcert.Close()
fchain.Close()
ffullchain.Close()
c.Certificates = nil
c.Certificates = append(c.Certificates, crt.Certificate)
c.Certificates = append(c.Certificates, crt.ExtraCertificates...)
c.Cached = true
return nil
}
