func newChainAction(c *cli.Context) {
crt, err := depot.GetCertificateAuthority(d)
if err != nil {
fmt.Fprintln(os.Stderr, "Get CA certificate error:", err)
if isFileNotExist(err) {
fmt.Fprintln(os.Stderr, "Please run 'ca-ctl init' to initial the depot.")
}
os.Exit(1)
}
// Should not fail if creating from depot
crtBytes, _ := crt.Export()
if len(c.Args()) == 0 {
fmt.Fprintln(os.Stderr, "Outputting CA certificate body:")
fmt.Printf("%s", crtBytes)
return
}
name := c.Args()[0]
crtHost, err := depot.GetCertificateHost(d, name)
if err != nil {
fmt.Fprintln(os.Stderr, "Get certificate error:", err)
os.Exit(1)
}
crtHostBytes, _ := crtHost.Export()
if err = crt.VerifyHost(crtHost, name); err != nil {
fmt.Fprintln(os.Stderr, "Verify certificate chain error:", err)
os.Exit(1)
}
fmt.Fprintln(os.Stderr, "Outputting CA and Host certificate body:")
fmt.Printf("%s%s", crtBytes, crtHostBytes)
}
func newStatusAction(c *cli.Context) {
crtAuth, err := depot.GetCertificateAuthority(d)
if err != nil {
fmt.Fprintln(os.Stderr, "CA certificate hasn't existed!")
} else {
printSignedStatusLine(crtAuth, "CA")
}
tags := d.List()
for _, tag := range tags {
name := depot.GetNameFromHostCrtTag(tag)
if name == "" {
continue
}
if !depot.CheckCertificateSigningRequest(d, name) {
fmt.Fprintln(os.Stderr, "Certificate request hasn't existed!")
continue
}
crt, err := depot.GetCertificateHost(d, name)
if err != nil {
fmt.Printf("%s: Unsigned\n", name)
continue
}
printSignedStatusLine(crt, name)
}
}