func (s *fdbStore) SaveCertificate(cert *Certificate) error { c := s.db.Collection("certs/" + cert.ID()) if cert.RevocationDesired { err := fdb.CreateEmpty(c, "revoke") if err != nil { return err } } if cert.Revoked { err := fdb.CreateEmpty(c, "revoked") if err != nil { return err } } if len(cert.Certificates) == 0 { return nil } fcert, err := c.Create("cert") if err != nil { return err } defer fcert.CloseAbort() fchain, err := c.Create("chain") if err != nil { return err } defer fchain.CloseAbort() ffullchain, err := c.Create("fullchain") if err != nil { return err } defer ffullchain.CloseAbort() err = acmeutils.SaveCertificates(io.MultiWriter(fcert, ffullchain), cert.Certificates[0]) if err != nil { return err } for _, ec := range cert.Certificates[1:] { err = acmeutils.SaveCertificates(io.MultiWriter(fchain, ffullchain), ec) if err != nil { return err } } fcert.Close() fchain.Close() ffullchain.Close() return nil }
// Try to revoke the certificate with the given certificate ID. // If a key ID is given, revoke all certificates with using key ID. func (s *fdbStore) RevokeByCertificateOrKeyID(certID string) error { c, ok := s.certs[certID] if !ok { return s.revokeByKeyID(certID) } if c.Revoked { log.Warnf("%v already revoked", c) return nil } col := s.db.Collection("certs/" + c.ID()) err := fdb.CreateEmpty(col, "revoke") if err != nil { return err } c.RevocationDesired = true return nil }
func (s *fdbStore) SaveCertificate(cert *Certificate) error { c := s.db.Collection("certs/" + cert.ID()) if cert.RevocationDesired { err := fdb.CreateEmpty(c, "revoke") if err != nil { return err } } if cert.Revoked { err := fdb.CreateEmpty(c, "revoked") if err != nil { return err } } if len(cert.Certificates) == 0 { return nil } fcert, err := c.Create("cert") if err != nil { return err } defer fcert.CloseAbort() fchain, err := c.Create("chain") if err != nil { return err } defer fchain.CloseAbort() ffullchain, err := c.Create("fullchain") if err != nil { return err } defer ffullchain.CloseAbort() err = pem.Encode(io.MultiWriter(fcert, ffullchain), &pem.Block{ Type: "CERTIFICATE", Bytes: cert.Certificates[0], }) if err != nil { return err } for _, ec := range cert.Certificates[1:] { err = pem.Encode(io.MultiWriter(fchain, ffullchain), &pem.Block{ Type: "CERTIFICATE", Bytes: ec, }) if err != nil { return err } } fcert.Close() fchain.Close() ffullchain.Close() return nil }