Beispiel #1
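// SaveCertificate persists cert into the "certs/<ID>" collection of the store.
//
// The empty marker files "revoke" and "revoked" are created first when
// cert.RevocationDesired or cert.Revoked is set, so revocation state is
// recorded even for a certificate that carries no chain data. When
// cert.Certificates is non-empty, the first entry is written to "cert", the
// remaining entries to "chain", and every entry to "fullchain".
//
// It returns the first error encountered, including an error from closing any
// of the three output files; a nil return therefore means every file was
// written and closed without error.
func (s *fdbStore) SaveCertificate(cert *Certificate) error {
	col := s.db.Collection("certs/" + cert.ID())

	if cert.RevocationDesired {
		if err := fdb.CreateEmpty(col, "revoke"); err != nil {
			return err
		}
	}

	if cert.Revoked {
		if err := fdb.CreateEmpty(col, "revoked"); err != nil {
			return err
		}
	}

	// Nothing to write beyond the markers; also guards the [0] and [1:]
	// indexing below.
	if len(cert.Certificates) == 0 {
		return nil
	}

	// Each deferred CloseAbort covers the early-return paths below.
	// NOTE(review): CloseAbort presumably discards a file that has not been
	// closed yet and does nothing after a successful Close — confirm in fdb.
	fcert, err := col.Create("cert")
	if err != nil {
		return err
	}
	defer fcert.CloseAbort()

	fchain, err := col.Create("chain")
	if err != nil {
		return err
	}
	defer fchain.CloseAbort()

	ffullchain, err := col.Create("fullchain")
	if err != nil {
		return err
	}
	defer ffullchain.CloseAbort()

	// The first certificate goes to "cert" and "fullchain".
	err = acmeutils.SaveCertificates(io.MultiWriter(fcert, ffullchain), cert.Certificates[0])
	if err != nil {
		return err
	}

	// Every following certificate goes to "chain" and "fullchain".
	for _, ec := range cert.Certificates[1:] {
		err = acmeutils.SaveCertificates(io.MultiWriter(fchain, ffullchain), ec)
		if err != nil {
			return err
		}
	}

	// A Close error must not be dropped: returning nil after a failed Close
	// would report the certificate as saved when a file may be missing or
	// incomplete. The three closes are sequential, not atomic as a group, so a
	// failure on a later file can leave an earlier one already closed; callers
	// should treat any error here as "certificate directory may be inconsistent".
	if err := fcert.Close(); err != nil {
		return err
	}
	if err := fchain.Close(); err != nil {
		return err
	}
	if err := ffullchain.Close(); err != nil {
		return err
	}

	return nil
}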
Beispiel #2
// RevokeByCertificateOrKeyID requests revocation of the certificate whose ID
// is certID. If no certificate with that ID is known to the store, certID is
// treated as a key ID and the request is handed to revokeByKeyID.
//
// A certificate that is already marked Revoked is left untouched: a warning
// is logged and nil is returned. Otherwise an empty "revoke" file is created
// in the certificate's collection and RevocationDesired is set on the
// in-memory certificate. This method only records the request; no revocation
// is carried out in the code shown here.
func (s *fdbStore) RevokeByCertificateOrKeyID(certID string) error {
	crt, known := s.certs[certID]
	switch {
	case !known:
		// Not a certificate ID; fall back to interpreting it as a key ID.
		return s.revokeByKeyID(certID)
	case crt.Revoked:
		log.Warnf("%v already revoked", crt)
		return nil
	}

	// The collection path is built from the stored certificate's own ID, not
	// from the caller-supplied string.
	if err := fdb.CreateEmpty(s.db.Collection("certs/"+crt.ID()), "revoke"); err != nil {
		return err
	}

	// Only flip the in-memory flag once the on-disk marker exists.
	crt.RevocationDesired = true
	return nil
}
Beispiel #3
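// SaveCertificate persists cert into the "certs/<ID>" collection of the store.
//
// The empty marker files "revoke" and "revoked" are created first when
// cert.RevocationDesired or cert.Revoked is set, so revocation state is
// recorded even for a certificate that carries no chain data. When
// cert.Certificates is non-empty, each entry is wrapped in a "CERTIFICATE"
// PEM block: the first entry is written to "cert", the remaining entries to
// "chain", and every entry to "fullchain".
//
// It returns the first error encountered, including an error from closing any
// of the three output files; a nil return therefore means every file was
// written and closed without error.
func (s *fdbStore) SaveCertificate(cert *Certificate) error {
	col := s.db.Collection("certs/" + cert.ID())

	if cert.RevocationDesired {
		if err := fdb.CreateEmpty(col, "revoke"); err != nil {
			return err
		}
	}

	if cert.Revoked {
		if err := fdb.CreateEmpty(col, "revoked"); err != nil {
			return err
		}
	}

	// Nothing to write beyond the markers; also guards the [0] and [1:]
	// indexing below.
	if len(cert.Certificates) == 0 {
		return nil
	}

	// Each deferred CloseAbort covers the early-return paths below.
	// NOTE(review): CloseAbort presumably discards a file that has not been
	// closed yet and does nothing after a successful Close — confirm in fdb.
	fcert, err := col.Create("cert")
	if err != nil {
		return err
	}
	defer fcert.CloseAbort()

	fchain, err := col.Create("chain")
	if err != nil {
		return err
	}
	defer fchain.CloseAbort()

	ffullchain, err := col.Create("fullchain")
	if err != nil {
		return err
	}
	defer ffullchain.CloseAbort()

	// The first certificate goes to "cert" and "fullchain".
	// NOTE(review): entries are used as raw PEM block bytes, presumably DER;
	// nothing here parses or validates them — confirm callers do.
	leaf := &pem.Block{
		Type:  "CERTIFICATE",
		Bytes: cert.Certificates[0],
	}
	if err := pem.Encode(io.MultiWriter(fcert, ffullchain), leaf); err != nil {
		return err
	}

	// Every following certificate goes to "chain" and "fullchain".
	for _, ec := range cert.Certificates[1:] {
		extra := &pem.Block{
			Type:  "CERTIFICATE",
			Bytes: ec,
		}
		if err := pem.Encode(io.MultiWriter(fchain, ffullchain), extra); err != nil {
			return err
		}
	}

	// A Close error must not be dropped: returning nil after a failed Close
	// would report the certificate as saved when a file may be missing or
	// incomplete. The three closes are sequential, not atomic as a group, so a
	// failure on a later file can leave an earlier one already closed; callers
	// should treat any error here as "certificate directory may be inconsistent".
	if err := fcert.Close(); err != nil {
		return err
	}
	if err := fchain.Close(); err != nil {
		return err
	}
	if err := ffullchain.Close(); err != nil {
		return err
	}

	return nil
}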