Created
March 19, 2018 18:51
package main | |
import ( | |
"github.com/xenolf/lego/acme" | |
"crypto" | |
"crypto/rsa" | |
"crypto/rand" | |
"fmt" | |
"log" | |
"os" | |
) | |
// MyUser is the account type handed to the ACME client; it implements
// acme.User through the three getters declared below.
//
// The key field is unexported, so encoding/json (and other reflection-based
// encoders) will skip it. Persisting the account therefore means storing the
// private key separately, in a file or secret store with restrictive
// permissions.
type MyUser struct {
	// Email is the contact address sent to the CA at registration.
	Email string
	// Registration is the resource returned by the CA when the account is
	// registered; it is nil until then.
	Registration *acme.RegistrationResource
	// key is the account private key used to sign ACME requests.
	key crypto.PrivateKey
}
// GetEmail returns the account's contact e-mail address (acme.User).
func (u MyUser) GetEmail() string {
	return u.Email
}
// GetRegistration returns the stored registration resource, or nil when the
// account has not been registered yet (acme.User).
func (u MyUser) GetRegistration() *acme.RegistrationResource {
	return u.Registration
}
// GetPrivateKey returns the account private key (acme.User). Callers should
// treat the returned value as a secret and keep it out of logs.
func (u MyUser) GetPrivateKey() crypto.PrivateKey {
	return u.key
}
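// main registers a fresh ACME account, answers the HTTP challenge for two
// domains and writes the resulting key and certificate to the working
// directory.
//
// Changes from the original listing:
//   - the certificate resource is no longer dumped with %#v, which printed the
//     private key bytes to stdout (and into any log that captures it);
//   - server.key is written with mode 0600 instead of os.Create's default
//     0666-minus-umask;
//   - errors from creating, writing and closing the output files, and from
//     SetHTTPAddress, are checked instead of discarded.
func main() {
	// url := "http://tienda.nextagilesoft.com:5002/.well-known/acme-challenge/FS0nAHwsIzivTzYyc6k7Rulgbwp_bLosNjleOARhqng"

	// Create a user. New accounts need an email and private key to start.
	// NOTE: the account key lives only in memory here, so every run
	// registers a new account with the CA.
	const rsaKeySize = 2048
	privateKey, err := rsa.GenerateKey(rand.Reader, rsaKeySize)
	if err != nil {
		log.Fatal(err)
	}
	myUser := MyUser{
		Email: "davidviejopomata@gmail.com",
		key:   privateKey,
	}

	// A client facilitates communication with the CA server. The URL below
	// is the Let's Encrypt *production* directory, which is rate limited;
	// switch to the staging URL while testing.
	url := "https://acme-v01.api.letsencrypt.org/directory"
	// url := "https://acme-staging.api.letsencrypt.org/directory"
	client, err := acme.NewClient(url, &myUser, acme.RSA2048)
	if err != nil {
		log.Fatal(err)
	}

	// sudo lego --http 192.168.1.40:80 --server=https://acme-staging.api.letsencrypt.org/directory --email="davidviejopomata@gmail.com" --domains="hola.nextagilesoftdev.com" --domains="hola1.nextagilesoftdev.com" run
	if err := client.SetHTTPAddress("192.168.1.40:5001"); err != nil {
		log.Fatal(err)
	}

	// New users will need to register.
	reg, err := client.Register()
	if err != nil {
		log.Fatal(err)
	}
	myUser.Registration = reg
	// SAVE THE USER (registration and account key) if the account is to be
	// reused; this example does not.

	// The client has a URL to the current Let's Encrypt Subscriber
	// Agreement. The user will need to agree to it.
	if err := client.AgreeToTOS(); err != nil {
		log.Fatal(err)
	}

	// The acme library takes care of completing the challenges to obtain the certificate(s).
	// The domains must resolve to this machine or you have to use the DNS challenge.
	bundle := false
	domains := []string{"hola.nextagilesoftdev.com", "hola1.nextagilesoftdev.com"}
	certificates, failures := client.ObtainCertificate(domains, bundle, nil, false)
	if len(failures) > 0 {
		log.Fatal(failures)
	}

	// Each certificate comes back with the cert bytes, the bytes of the
	// certificate's private key, and a certificate URL. Print only the
	// non-secret metadata; the key material goes straight to disk.
	fmt.Printf("obtained certificate for %s: %s\n", certificates.Domain, certificates.CertURL)

	// The private key must be readable by its owner only.
	if err := writeFile("./server.key", certificates.PrivateKey, 0600); err != nil {
		log.Fatal(err)
	}
	// The certificate is public data; world-readable is fine.
	if err := writeFile("./server.crt", certificates.Certificate, 0644); err != nil {
		log.Fatal(err)
	}
}

// writeFile writes data to path with the given permissions, truncating any
// existing file, and reports the first error from open, chmod, write or close.
func writeFile(path string, data []byte, perm os.FileMode) error {
	f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, perm)
	if err != nil {
		return fmt.Errorf("opening %s: %v", path, err)
	}
	// OpenFile applies perm only when it creates the file; tighten a file
	// left behind by an earlier run before any secret is written to it.
	if err := f.Chmod(perm); err != nil {
		f.Close()
		return fmt.Errorf("setting mode on %s: %v", path, err)
	}
	if _, err := f.Write(data); err != nil {
		f.Close()
		return fmt.Errorf("writing %s: %v", path, err)
	}
	// Close can surface a deferred write error, so it is checked too.
	if err := f.Close(); err != nil {
		return fmt.Errorf("closing %s: %v", path, err)
	}
	return nil
}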