lego/cmd/cmd_revoke.go

package cmd

import (
	"github.com/urfave/cli"
	"github.com/xenolf/lego/log"
)

func createRevoke() cli.Command {
	return cli.Command{
		Name:   "revoke",
		Usage:  "Revoke a certificate",
		Action: revoke,
		Flags: []cli.Flag{
			cli.BoolFlag{
				Name:  "keep, k",
				Usage: "Keep the certificates after the revocation instead of archiving them.",
			},
		},
	}
}

func revoke(ctx *cli.Context) error {
	acc, client := setup(ctx, NewAccountsStorage(ctx))

	if acc.Registration == nil {
		log.Fatalf("Account %s is not registered. Use 'run' to register a new account.\n", acc.Email)
	}

	certsStorage := NewCertificatesStorage(ctx)
	certsStorage.CreateRootFolder()

	for _, domain := range ctx.GlobalStringSlice("domains") {
		log.Printf("Trying to revoke certificate for domain %s", domain)

		certBytes, err := certsStorage.ReadFile(domain, ".crt")
		if err != nil {
			log.Fatalf("Error while revoking the certificate for domain %s\n\t%v", domain, err)
		}

		err = client.Certificate.Revoke(certBytes)
		if err != nil {
			log.Fatalf("Error while revoking the certificate for domain %s\n\t%v", domain, err)
		}

		log.Println("Certificate was revoked.")

		if ctx.Bool("keep") {
			return nil
		}

		certsStorage.CreateArchiveFolder()

		err = certsStorage.MoveToArchive(domain)
		if err != nil {
			return err
		}

		log.Println("Certificate was archived for domain:", domain)
	}

	return nil
}
Refactor the core of the lib (#700) - Packages - Isolate code used by the CLI into the package `cmd` - (experimental) Add e2e tests for HTTP01, TLS-ALPN-01 and DNS-01, use [Pebble](https://github.com/letsencrypt/pebble) and [challtestsrv](https://github.com/letsencrypt/boulder/tree/master/test/challtestsrv) - Support non-ascii domain name (punnycode) - Check all challenges in a predictable order - No more global exported variables - Archive revoked certificates - Fixes revocation for subdomains and non-ascii domains - Disable pending authorizations - use pointer for RemoteError/ProblemDetails - Poll authz URL instead of challenge URL - The ability for a DNS provider to solve the challenge sequentially - Check all nameservers in a predictable order - Option to disable the complete propagation Requirement - CLI, support for renew with CSR - CLI, add SAN on renew - Add command to list certificates. - Logs every iteration of waiting for the propagation - update DNSimple client - update github.com/miekg/dns 2018-12-06 22:50:17 +01:00			`package cmd`

			`import (`
			`"github.com/urfave/cli"`
			`"github.com/xenolf/lego/log"`
			`)`

			`func createRevoke() cli.Command {`
			`return cli.Command{`
			`Name: "revoke",`
			`Usage: "Revoke a certificate",`
			`Action: revoke,`
			`Flags: []cli.Flag{`
			`cli.BoolFlag{`
			`Name: "keep, k",`
			`Usage: "Keep the certificates after the revocation instead of archiving them.",`
			`},`
			`},`
			`}`
			`}`

			`func revoke(ctx *cli.Context) error {`
			`acc, client := setup(ctx, NewAccountsStorage(ctx))`

			`if acc.Registration == nil {`
			`log.Fatalf("Account %s is not registered. Use 'run' to register a new account.\n", acc.Email)`
			`}`

			`certsStorage := NewCertificatesStorage(ctx)`
			`certsStorage.CreateRootFolder()`

			`for _, domain := range ctx.GlobalStringSlice("domains") {`
			`log.Printf("Trying to revoke certificate for domain %s", domain)`

			`certBytes, err := certsStorage.ReadFile(domain, ".crt")`
			`if err != nil {`
			`log.Fatalf("Error while revoking the certificate for domain %s\n\t%v", domain, err)`
			`}`

			`err = client.Certificate.Revoke(certBytes)`
			`if err != nil {`
			`log.Fatalf("Error while revoking the certificate for domain %s\n\t%v", domain, err)`
			`}`

			`log.Println("Certificate was revoked.")`

			`if ctx.Bool("keep") {`
			`return nil`
			`}`

			`certsStorage.CreateArchiveFolder()`

			`err = certsStorage.MoveToArchive(domain)`
			`if err != nil {`
			`return err`
			`}`

			`log.Println("Certificate was archived for domain:", domain)`
			`}`

			`return nil`
			`}`