|
@@ -54,8 +54,8 @@ type ACMEHandler struct {
|
|
port string
|
|
port string
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+// NewACME creates a new ACMEHandler instance.
|
|
func NewACME(email string, acmeServer string, port string) *ACMEHandler {
|
|
func NewACME(email string, acmeServer string, port string) *ACMEHandler {
|
|
-
|
|
|
|
return &ACMEHandler{
|
|
return &ACMEHandler{
|
|
email: email,
|
|
email: email,
|
|
acmeServer: acmeServer,
|
|
acmeServer: acmeServer,
|
|
@@ -63,6 +63,7 @@ func NewACME(email string, acmeServer string, port string) *ACMEHandler {
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+// ObtainCert obtains a certificate for the specified domains.
|
|
func (a *ACMEHandler) ObtainCert(domains []string, certificateName string) (bool, error) {
|
|
func (a *ACMEHandler) ObtainCert(domains []string, certificateName string) (bool, error) {
|
|
log.Println("Obtaining certificate...")
|
|
log.Println("Obtaining certificate...")
|
|
|
|
|
|
@@ -121,7 +122,6 @@ func (a *ACMEHandler) ObtainCert(domains []string, certificateName string) (bool
|
|
return false, err
|
|
return false, err
|
|
}
|
|
}
|
|
err = ioutil.WriteFile("./certs/"+certificateName+".key", certificates.PrivateKey, 0777)
|
|
err = ioutil.WriteFile("./certs/"+certificateName+".key", certificates.PrivateKey, 0777)
|
|
-
|
|
|
|
if err != nil {
|
|
if err != nil {
|
|
log.Println(err)
|
|
log.Println(err)
|
|
return false, err
|
|
return false, err
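Review bot: The private key is still written with mode `0777` in the unchanged `ioutil.WriteFile("./certs/"+certificateName+".key", certificates.PrivateKey, 0777)` line of this hunk, so apart from the process umask the key is requested as readable, writable and executable by every local user. A key file should be owner-only: `err = os.WriteFile("./certs/"+certificateName+".key", certificates.PrivateKey, 0600)`. WriteFile does not change the mode of a file that already exists, so keys issued earlier need a one-time chmod as well. `certificateName` is also concatenated into the path unchecked; if it can come from a request (not visible here), reject any value that differs from `filepath.Base(certificateName)` before writing. ObtainCert starts and ends outside this hunk.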
|
|
@@ -130,9 +130,8 @@ func (a *ACMEHandler) ObtainCert(domains []string, certificateName string) (bool
|
|
return true, nil
|
|
return true, nil
|
|
}
|
|
}
|
|
|
|
|
|
-// Return a list of domains that is in expired certificates
|
|
|
|
|
|
+// CheckCertificate returns a list of domains that are in expired certificates.
|
|
func (a *ACMEHandler) CheckCertificate() []string {
|
|
func (a *ACMEHandler) CheckCertificate() []string {
|
|
-
|
|
|
|
filenames, err := os.ReadDir("./certs/")
|
|
filenames, err := os.ReadDir("./certs/")
|
|
|
|
|
|
expiredCerts := []string{}
|
|
expiredCerts := []string{}
|
|
@@ -147,19 +146,19 @@ func (a *ACMEHandler) CheckCertificate() []string {
|
|
|
|
|
|
certBtyes, err := os.ReadFile(certFilepath)
|
|
certBtyes, err := os.ReadFile(certFilepath)
|
|
if err != nil {
|
|
if err != nil {
|
|
- //Unable to load this file
|
|
|
|
|
|
+ // Unable to load this file
|
|
continue
|
|
continue
|
|
} else {
|
|
} else {
|
|
- //Cert loaded. Check its expire time
|
|
|
|
|
|
+ // Cert loaded. Check its expiry time
|
|
block, _ := pem.Decode(certBtyes)
|
|
block, _ := pem.Decode(certBtyes)
|
|
if block != nil {
|
|
if block != nil {
|
|
cert, err := x509.ParseCertificate(block.Bytes)
|
|
cert, err := x509.ParseCertificate(block.Bytes)
|
|
if err == nil {
|
|
if err == nil {
|
|
elapsed := time.Since(cert.NotAfter)
|
|
elapsed := time.Since(cert.NotAfter)
|
|
- //approxMonths := -int(elapsed.Hours() / (24 * 30.44))
|
|
|
|
- //approxDays := -int(elapsed.Hours()/24) % 30
|
|
|
|
|
|
+ // approxMonths := -int(elapsed.Hours() / (24 * 30.44))
|
|
|
|
+ // approxDays := -int(elapsed.Hours()/24) % 30
|
|
if elapsed > 0 {
|
|
if elapsed > 0 {
|
|
- //log.Println("Certificate", certFilepath, " expired")
|
|
|
|
|
|
+ // log.Println("Certificate", certFilepath, " expired")
|
|
for _, dnsName := range cert.DNSNames {
|
|
for _, dnsName := range cert.DNSNames {
|
|
if !contains(expiredCerts, dnsName) {
|
|
if !contains(expiredCerts, dnsName) {
|
|
expiredCerts = append(expiredCerts, dnsName)
|
|
expiredCerts = append(expiredCerts, dnsName)
|
|
@@ -169,21 +168,22 @@ func (a *ACMEHandler) CheckCertificate() []string {
|
|
expiredCerts = append(expiredCerts, cert.Subject.CommonName)
|
|
expiredCerts = append(expiredCerts, cert.Subject.CommonName)
|
|
}
|
|
}
|
|
} else {
|
|
} else {
|
|
- //log.Println("Certificate", certFilepath, " will still vaild for the next ", approxMonths, "m", approxDays, "d")
|
|
|
|
|
|
+ // log.Println("Certificate", certFilepath, " will still be valid for the next ", approxMonths, "m", approxDays, "d")
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
-
|
|
|
|
}
|
|
}
|
|
|
|
|
|
return expiredCerts
|
|
return expiredCerts
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+// return the current port number
|
|
func (a *ACMEHandler) Getport() string {
|
|
func (a *ACMEHandler) Getport() string {
|
|
return a.port
|
|
return a.port
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+// contains checks if a string is present in a slice.
|
|
func contains(slice []string, str string) bool {
|
|
func contains(slice []string, str string) bool {
|
|
for _, s := range slice {
|
|
for _, s := range slice {
|
|
if s == str {
|
|
if s == str {
|