jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

ensureCertificate: check if cert needs renewal

Browse Source
This commit is contained in:
Girish Ramakrishnan
2015-12-14 12:38:19 -08:00
parent 0c1ea39a02
commit fd20246e8b
1 changed files with 19 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/certificates.js
View File

@@ -85,6 +85,12 @@ function installAdminCertificate(callback) {
});
}
function needsRenewalSync(certFilePath) {
var result = safe.child_process.execSync('openssl x509 -checkend %s -in %s', 60 * 60 * 24 * 5, certFilePath);
return result !== null;
}
function autoRenew() {
debug('will automatically renew certs');
}
@@ -175,24 +181,23 @@ function ensureCertificate(domain, callback) {
assert.strictEqual(typeof domain, 'string');
assert.strictEqual(typeof callback, 'function');
// check if user uploaded a specific cert. ideally, we should not mix user certs and automatic certs as we do here...
var userCertFilePath = path.join(paths.APP_CERTS_DIR, domain + '.cert');
var userKeyFilePath = path.join(paths.APP_CERTS_DIR, domain + '.key');
if (fs.existsSync(userCertFilePath) && fs.existsSync(userKeyFilePath)) {
debug('ensureCertificate: %s. certificate already exists at %s', domain, userKeyFilePath);
if (!needsRenewalSync(userCertFilePath)) return callback(null, userCertFilePath, userKeyFilePath);
debug('ensureCertificate: %s cert require renewal', domain);
}
getApi(function (error, api) {
if (error) return callback(error);
// check if user uploaded a specific cert. ideally, we should not mix user certs and automatic certs as we do here...
var userCertFilePath = path.join(paths.APP_CERTS_DIR, domain + '.cert');
var userKeyFilePath = path.join(paths.APP_CERTS_DIR, domain + '.key');
if (fs.existsSync(userCertFilePath) && fs.existsSync(userKeyFilePath)) {
debug('ensureCertificate: %s. certificate already exists at %s', domain, userKeyFilePath);
return callback(null, userCertFilePath, userKeyFilePath); // TODO: check if cert needs renewal
}
debug('ensureCertificate: getting certificate for %s', domain);
api.getCertificate(domain, function (error, certFilePath, keyFilePath) {
if (error) return callback(error);
callback(null, certFilePath, keyFilePath);
});
api.getCertificate(domain, callback);
});
}