Diffstat (limited to 'lib/App/Acmeman.pm')
-rw-r--r--lib/App/Acmeman.pm88
1 files changed, 50 insertions, 38 deletions
diff --git a/lib/App/Acmeman.pm b/lib/App/Acmeman.pm
index b95f87f..285342c 100644
--- a/lib/App/Acmeman.pm
+++ b/lib/App/Acmeman.pm
@@ -24,7 +24,7 @@ use Text::ParseWords;
use App::Acmeman::Log qw(:all :sysexits);
use feature 'state';
-our $VERSION = '2.90';
+our $VERSION = '2.02';
my $progdescr = "manages ACME certificates";
@@ -411,42 +411,60 @@ sub save_challenge {
}
}
-sub acme {
+sub account_key {
my $self = shift;
- my $key_id;
- my $account_key;
-
- my $idfile = File::Spec->catfile($self->cf->get('core','rootdir'),
- 'account.key_id');
- my $keyfile = File::Spec->catfile($self->cf->get('core','rootdir'),
- 'account.pem');
- if (-r $idfile) {
- if (open(my $fh, '<', $idfile)) {
- chomp($key_id = <$fh>);
- close $fh;
- debug(3, "using key_id $key_id");
- } else {
- error("can't open $idfile for reading: $!");
- }
+
+ unless ($self->{_account_key}) {
+ my $keyfile = $self->cf->get('account', 'key');
+ if (-r $keyfile) {
+ if (open(my $fh, '<', $keyfile)) {
+ local $/ = undef;
+ $self->{_account_key} = Crypt::OpenSSL::RSA->new_private_key(<$fh>);
+ close $fh;
+ } else {
+ error("can't open $keyfile for reading: $!");
+ }
+ } else {
+ $self->{_account_key} = Crypt::OpenSSL::RSA->generate_key($self->cf->get('core', 'key-size'));
+ }
}
+ return $self->{_account_key};
+}
- if (-r $keyfile) {
- if (open(my $fh, '<', $keyfile)) {
- local $/ = undef;
- $account_key = Crypt::OpenSSL::RSA->new_private_key(<$fh>);
+sub account_key_id {
+ my $self = shift;
+
+ my $idfile = $self->cf->get('account', 'id');
+ if (my $val = shift) {
+ $self->{_account_key_id} = $val;
+ $self->prep_dir($idfile);
+ if (open(my $fh, '>', $idfile)) {
+ print $fh $val;
close $fh;
} else {
- error("can't open $keyfile for reading: $!");
- }
- } else {
- $account_key = Crypt::OpenSSL::RSA->generate_key($self->cf->get('core', 'key-size'));
+ error("can't open $idfile for writing: $!");
+ }
+ } elsif (!$self->{_account_key_id}) {
+ if (-r $idfile) {
+ if (open(my $fh, '<', $idfile)) {
+ chomp($self->{_account_key_id} = <$fh>);
+ close $fh;
+ debug(3, "using key_id $self->{_account_key_id}");
+ } else {
+ error("can't open $idfile for reading: $!");
+ }
+ }
}
-
+ return $self->{_account_key_id};
+}
+
+sub acme {
+ my $self = shift;
unless ($self->{_acme}) {
my $acme = Net::ACME2::LetsEncrypt->new(
environment => $self->acme_host,
- key => $account_key->get_private_key_string(),
- key_id => $key_id
+ key => $self->account_key->get_private_key_string(),
+ key_id => $self->account_key_id
);
$self->{_acme} = $acme;
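Review bot: In account_key, the `-r $keyfile` test treats a key file that exists but cannot be read the same as a missing one, so a fresh key is generated silently while account_key_id may still load the stored id, and acme then builds the client from a key and key_id that do not belong together. A separate branch before the generate_key call, `} elsif (-e $keyfile) { error("$keyfile exists but is not readable"); } else {`, would make that case visible instead. Also, when open fails after the `-r` check, `$self->{_account_key}` stays undefined, so `$self->account_key->get_private_key_string()` in acme dies on an undefined value unless error() is fatal, which is not visible here. The body of acme continues outside this hunk.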
@@ -456,19 +474,13 @@ sub acme {
my $terms_url = $acme->get_terms_of_service();
$acme->create_account(termsOfServiceAgreed => 1);
debug(3, "saving account credentials");
-
- if (open(my $fh, '>', $idfile)) {
- print $fh $acme->key_id();
- close $fh;
- } else {
- error("can't open $idfile for writing: $!");
- }
-
+ $self->account_key_id($acme->key_id());
+ my $keyfile = $self->cf->get('account', 'key');
if (open(my $fh, '>', $keyfile)) {
- print $fh $account_key->get_private_key_string();
+ print $fh $self->account_key->get_private_key_string();
close $fh;
} else {
- error("can't open $idfile for writing: $!");
+ error("can't open $keyfile for writing: $!");
}
}
}
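Review bot: The account private key is written with a plain `open(my $fh, '>', $keyfile)`, so a newly created file gets whatever mode the process umask allows and may be readable by other local users. Wrapping the open in `my $mask = umask(077);` and `umask($mask);` keeps the key owner-only. The path now comes from the `account`/`key` setting, yet unlike account_key_id there is no `$self->prep_dir($keyfile);` before the open, so (assuming prep_dir creates the parent directory) a key path in a directory that does not exist yet fails only after the account has been created. The results of `print` and `close` are also unchecked, so a short write of the key would go unreported. The enclosing branch of acme starts outside this hunk.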
