diff options
author | elijah <elijah@riseup.net> | 2016-09-06 13:05:24 -0700 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2016-09-06 13:05:24 -0700 |
commit | e9e06a8db0becb32656b272156709c12a3a31f17 (patch) | |
tree | c7c6a656d060836d1eb3663eead95c630a7258b6 /lib/leap_cli/commands | |
parent | d6c2d90d6efa692e338529e49b0a0bc84bf971f5 (diff) |
leap cert renew: added more messages in case anything goes wrong
Diffstat (limited to 'lib/leap_cli/commands')
-rw-r--r-- | lib/leap_cli/commands/ca.rb | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/lib/leap_cli/commands/ca.rb b/lib/leap_cli/commands/ca.rb index d9ffa6a4..3c5fc7d5 100644 --- a/lib/leap_cli/commands/ca.rb +++ b/lib/leap_cli/commands/ca.rb @@ -225,12 +225,25 @@ module LeapCli; module Commands end end + def assert_no_errors!(msg) + yield + rescue StandardError => exc + bail! :error, msg do + log exc.to_s + end + end + def do_renew_cert(global, options, args) require 'leap_cli/acme' require 'leap_cli/ssh' require 'socket' require 'net/http' + csr = nil + account_key = nil + cert = nil + acme = nil + # # sanity check the domain # @@ -243,10 +256,14 @@ module LeapCli; module Commands # assert_files_exist!([:commercial_key, domain], [:commercial_csr, domain], :msg => 'Please create the CSR first with `leap cert csr %s`' % domain) - csr = Acme.load_csr(read_file!([:commercial_csr, domain])) + assert_no_errors!("Could not load #{path([:commercial_csr, domain])}") do + csr = Acme.load_csr(read_file!([:commercial_csr, domain])) + end assert_files_exist!(:acme_key, :msg => "Please run `leap cert register` first. This only needs to be done once.") - account_key = Acme.load_private_key(read_file!(:acme_key)) + assert_no_errors!("Could not load #{path(:acme_key)}") do + account_key = Acme.load_private_key(read_file!(:acme_key)) + end # # check authorization for this domain @@ -272,8 +289,12 @@ module LeapCli; module Commands end log :fetching, "new certificate from letsencrypt.org" - cert = acme.get_certificate(csr) + assert_no_errors!("could not renew certificate") do + cert = acme.get_certificate(csr) + end + log 'success', color: :green, style: :bold write_file!([:commercial_cert, domain], cert.fullchain_to_pem) + log 'You should now run `leap deploy` to deploy the new certificate.' end # |