MCPcopy
hub / github.com/smallstep/cli / Renew

Method Renew

command/ca/renew.go:482–508  ·  view source on GitHub ↗
(outFile string)

Source from the content-addressed store, hash-verified

480}
481
482func (r *renewer) Renew(outFile string) (resp *api.SignResponse, err error) {
483 if !r.mtls || time.Now().After(r.cert.Leaf.NotAfter) {
484 resp, err = r.RenewWithToken(r.cert)
485 } else {
486 resp, err = r.client.Renew(r.transport)
487 }
488 if err != nil {
489 return nil, errors.Wrap(err, "error renewing certificate")
490 }
491
492 if len(resp.CertChainPEM) == 0 {
493 resp.CertChainPEM = []api.Certificate{resp.ServerPEM, resp.CaPEM}
494 }
495 var data []byte
496 for _, certPEM := range resp.CertChainPEM {
497 pemblk, err := pemutil.Serialize(certPEM.Certificate)
498 if err != nil {
499 return nil, errors.Wrap(err, "error serializing certificate PEM")
500 }
501 data = append(data, pem.EncodeToMemory(pemblk)...)
502 }
503 if err := fileutil.WriteFile(outFile, data, 0o600); err != nil {
504 return nil, errs.FileError(err, outFile)
505 }
506
507 return resp, nil
508}
509
510func (r *renewer) Rekey(priv interface{}, outCert, outKey string, writePrivateKey bool) (*api.SignResponse, error) {
511 csrBytes, err := x509.CreateCertificateRequest(cryptoRand.Reader, &x509.CertificateRequest{}, priv)

Callers 1

RenewAndPrepareNextMethod · 0.95

Calls 2

RenewWithTokenMethod · 0.95
RenewMethod · 0.65

Tested by

no test coverage detected