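// downloadCertificate retrieves the certificate located at c.URL through
// acmeapi, writes it PEM-encoded into the "certs/<ID>" collection and records
// the result on c.
//
// Three files are created in the collection:
//   - "cert":      the end-entity certificate only
//   - "chain":     the extra certificates returned with it
//   - "fullchain": the end-entity certificate followed by the extra certificates
//
// On success c.Certificates holds the end-entity certificate followed by the
// extra certificates, and c.Cached is set to true. c is modified only after
// all three files have been closed without error.
//
// NOTE(review): the certificate bytes are stored exactly as received. Nothing
// in this function parses them as X.509 or checks that they correspond to the
// requested names or key; confirm that a caller validates them before use.
func (s *Store) downloadCertificate(c *Certificate) error {
	log.Debugf("downloading certificate %v", c)

	col := s.db.Collection("certs/" + c.ID())
	if col == nil {
		return fmt.Errorf("cannot get collection")
	}

	cl := acmeapi.Client{}
	crt := acmeapi.Certificate{
		URI: c.URL,
	}

	// NOTE(review): context.TODO() carries no deadline or cancellation, so
	// this call is bounded only by whatever limits the client applies itself.
	// Consider threading a caller-supplied context through here.
	err := cl.WaitForCertificate(&crt, context.TODO())
	if err != nil {
		return err
	}

	if len(crt.Certificate) == 0 {
		return fmt.Errorf("nil certificate?")
	}

	// CloseAbort is deferred for every file so that an early return does not
	// leave a partially written file behind. It also runs after a successful
	// Close, as in the original code; presumably it is a no-op then (confirm
	// against the store implementation).
	fcert, err := col.Create("cert")
	if err != nil {
		return err
	}
	defer fcert.CloseAbort()

	fchain, err := col.Create("chain")
	if err != nil {
		return err
	}
	defer fchain.CloseAbort()

	ffullchain, err := col.Create("fullchain")
	if err != nil {
		return err
	}
	defer ffullchain.CloseAbort()

	// The end-entity certificate goes to both "cert" and "fullchain".
	err = pem.Encode(io.MultiWriter(fcert, ffullchain), &pem.Block{
		Type:  "CERTIFICATE",
		Bytes: crt.Certificate,
	})
	if err != nil {
		return err
	}

	// Each extra certificate goes to both "chain" and "fullchain".
	for _, ec := range crt.ExtraCertificates {
		err = pem.Encode(io.MultiWriter(fchain, ffullchain), &pem.Block{
			Type:  "CERTIFICATE",
			Bytes: ec,
		})
		if err != nil {
			return err
		}
	}

	// Close errors must not be dropped: a failed Close means the file may not
	// have been stored, and marking the certificate as cached in that case
	// would leave the in-memory state disagreeing with what is on disk.
	// NOTE(review): the three files are closed one after another, so a failure
	// on a later Close can still leave an earlier file in place; callers should
	// treat a returned error as "collection contents unreliable".
	if err = fcert.Close(); err != nil {
		return err
	}
	if err = fchain.Close(); err != nil {
		return err
	}
	if err = ffullchain.Close(); err != nil {
		return err
	}

	c.Certificates = nil
	c.Certificates = append(c.Certificates, crt.Certificate)
	c.Certificates = append(c.Certificates, crt.ExtraCertificates...)
	c.Cached = true

	return nil
}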