mirror of
https://github.com/go-acme/lego.git
synced 2024-12-05 03:58:54 +02:00
42941ccea6
- Packages - Isolate code used by the CLI into the package `cmd` - (experimental) Add e2e tests for HTTP01, TLS-ALPN-01 and DNS-01, use [Pebble](https://github.com/letsencrypt/pebble) and [challtestsrv](https://github.com/letsencrypt/boulder/tree/master/test/challtestsrv) - Support non-ascii domain name (punnycode) - Check all challenges in a predictable order - No more global exported variables - Archive revoked certificates - Fixes revocation for subdomains and non-ascii domains - Disable pending authorizations - use pointer for RemoteError/ProblemDetails - Poll authz URL instead of challenge URL - The ability for a DNS provider to solve the challenge sequentially - Check all nameservers in a predictable order - Option to disable the complete propagation Requirement - CLI, support for renew with CSR - CLI, add SAN on renew - Add command to list certificates. - Logs every iteration of waiting for the propagation - update DNSimple client - update github.com/miekg/dns
63 lines
1.4 KiB
Go
63 lines
1.4 KiB
Go
package cmd
|
|
|
|
import (
|
|
"github.com/urfave/cli"
|
|
"github.com/xenolf/lego/log"
|
|
)
|
|
|
|
func createRevoke() cli.Command {
|
|
return cli.Command{
|
|
Name: "revoke",
|
|
Usage: "Revoke a certificate",
|
|
Action: revoke,
|
|
Flags: []cli.Flag{
|
|
cli.BoolFlag{
|
|
Name: "keep, k",
|
|
Usage: "Keep the certificates after the revocation instead of archiving them.",
|
|
},
|
|
},
|
|
}
|
|
}
|
|
|
|
func revoke(ctx *cli.Context) error {
|
|
acc, client := setup(ctx, NewAccountsStorage(ctx))
|
|
|
|
if acc.Registration == nil {
|
|
log.Fatalf("Account %s is not registered. Use 'run' to register a new account.\n", acc.Email)
|
|
}
|
|
|
|
certsStorage := NewCertificatesStorage(ctx)
|
|
certsStorage.CreateRootFolder()
|
|
|
|
for _, domain := range ctx.GlobalStringSlice("domains") {
|
|
log.Printf("Trying to revoke certificate for domain %s", domain)
|
|
|
|
certBytes, err := certsStorage.ReadFile(domain, ".crt")
|
|
if err != nil {
|
|
log.Fatalf("Error while revoking the certificate for domain %s\n\t%v", domain, err)
|
|
}
|
|
|
|
err = client.Certificate.Revoke(certBytes)
|
|
if err != nil {
|
|
log.Fatalf("Error while revoking the certificate for domain %s\n\t%v", domain, err)
|
|
}
|
|
|
|
log.Println("Certificate was revoked.")
|
|
|
|
if ctx.Bool("keep") {
|
|
return nil
|
|
}
|
|
|
|
certsStorage.CreateArchiveFolder()
|
|
|
|
err = certsStorage.MoveToArchive(domain)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
log.Println("Certificate was archived for domain:", domain)
|
|
}
|
|
|
|
return nil
|
|
}
|