Пример #1
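// newChainAction writes the CA certificate, or the CA certificate followed by
// the named host certificate, to stdout.
//
// With no positional argument only the CA certificate is printed. With one
// argument the host certificate of that name is loaded from the depot and
// checked with crt.VerifyHost before anything is written to stdout, so a host
// certificate that fails verification is never emitted. Diagnostics go to
// stderr and every failure exits with status 1.
func newChainAction(c *cli.Context) {
	crt, err := depot.GetCertificateAuthority(d)
	if err != nil {
		fmt.Fprintln(os.Stderr, "Get CA certificate error:", err)
		if isFileNotExist(err) {
			fmt.Fprintln(os.Stderr, "Please run 'ca-ctl init' to initial the depot.")
		}
		os.Exit(1)
	}
	// Export is not expected to fail for a certificate that was just loaded
	// from the depot, but an ignored failure would print an empty or partial
	// chain with exit status 0, so the error is checked.
	crtBytes, err := crt.Export()
	if err != nil {
		fmt.Fprintln(os.Stderr, "Export CA certificate error:", err)
		os.Exit(1)
	}

	args := c.Args()
	if len(args) == 0 {
		fmt.Fprintln(os.Stderr, "Outputting CA certificate body:")
		fmt.Printf("%s", crtBytes)
		return
	}
	// name is taken verbatim from the command line and is used both as the
	// depot lookup key and as the name passed to VerifyHost.
	// NOTE(review): whether the depot restricts the characters allowed in a
	// name is not visible here; confirm before exposing this to untrusted input.
	name := args[0]

	crtHost, err := depot.GetCertificateHost(d, name)
	if err != nil {
		fmt.Fprintln(os.Stderr, "Get certificate error:", err)
		os.Exit(1)
	}
	crtHostBytes, err := crtHost.Export()
	if err != nil {
		fmt.Fprintln(os.Stderr, "Export certificate error:", err)
		os.Exit(1)
	}

	// Verify before printing: stdout must only ever carry a chain that the CA
	// certificate accepted for this name.
	if err = crt.VerifyHost(crtHost, name); err != nil {
		fmt.Fprintln(os.Stderr, "Verify certificate chain error:", err)
		os.Exit(1)
	}

	// NOTE(review): the bundle is written CA first, then host; consumers that
	// expect the leaf certificate first would need the order reversed. Confirm
	// against the intended consumer.
	fmt.Fprintln(os.Stderr, "Outputting CA and Host certificate body:")
	fmt.Printf("%s%s", crtBytes, crtHostBytes)
}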
Пример #2
// newStatusAction prints a status line for the CA certificate and then one
// for each host entry listed in the depot.
//
// Tags that do not map to a host name are skipped. A host without a signing
// request is reported on stderr; a host whose certificate cannot be loaded is
// printed to stdout as "Unsigned".
func newStatusAction(c *cli.Context) {
	// NOTE(review): every error from GetCertificateAuthority is reported as a
	// missing CA certificate; the underlying error is not shown.
	if crtAuth, err := depot.GetCertificateAuthority(d); err == nil {
		printSignedStatusLine(crtAuth, "CA")
	} else {
		fmt.Fprintln(os.Stderr, "CA certificate hasn't existed!")
	}

	for _, tag := range d.List() {
		name := depot.GetNameFromHostCrtTag(tag)
		switch {
		case name == "":
			// Not a host certificate tag.
			continue
		case !depot.CheckCertificateSigningRequest(d, name):
			fmt.Fprintln(os.Stderr, "Certificate request hasn't existed!")
			continue
		}

		// NOTE(review): any load error is shown as "Unsigned", so a read or
		// parse failure looks the same as a certificate that was never
		// signed. Confirm that is intended.
		hostCrt, loadErr := depot.GetCertificateHost(d, name)
		if loadErr == nil {
			printSignedStatusLine(hostCrt, name)
			continue
		}
		fmt.Printf("%s: Unsigned\n", name)
	}
}