private function doPut(array $certificates)
{
if (empty($certificates)) {
throw new InvalidArgumentException("Empty array not allowed");
}
$cert = new Certificate($certificates[0]);
$commonName = $cert->getSubject()->getCommonName();
if (!$commonName) {
throw new CertificateStoreException("Certificate doesn't have a common name.");
}
// See https://github.com/amphp/dns/blob/4c4d450d4af26fc55dc56dcf45ec7977373a38bf/lib/functions.php#L83
if (isset($commonName[253]) || !preg_match("~^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9]){0,1})(?:\\.[a-z0-9][a-z0-9-]{0,61}[a-z0-9])*\$~i", $commonName)) {
throw new CertificateStoreException("Invalid common name: '{$commonName}'");
}
try {
$chain = array_slice($certificates, 1);
$path = $this->root . "/" . $commonName;
$realpath = realpath($path);
if (!$realpath && !mkdir($path, 0775, true)) {
throw new FilesystemException("Couldn't create certificate directory: '{$path}'");
}
(yield \Amp\File\put($path . "/cert.pem", $certificates[0]));
(yield \Amp\File\chmod($path . "/cert.pem", 0644));
(yield \Amp\File\put($path . "/fullchain.pem", implode("\n", $certificates)));
(yield \Amp\File\chmod($path . "/fullchain.pem", 0644));
(yield \Amp\File\put($path . "/chain.pem", implode("\n", $chain)));
(yield \Amp\File\chmod($path . "/chain.pem", 0644));
} catch (FilesystemException $e) {
throw new CertificateStoreException("Couldn't save certificates for '{$commonName}'", 0, $e);
}
}
/**
* @param array $certificates
* @return boolean
* @throws InvalidParamException
*/
public function put($certificates = [])
{
$cert = new Certificate($certificates[0]);
$commonName = $cert->getSubject()->getCommonName();
if (!$commonName) {
throw new InvalidParamException("Certificate doesn't have a common name.");
}
// See https://github.com/amphp/dns/blob/4c4d450d4af26fc55dc56dcf45ec7977373a38bf/lib/functions.php#L83
if (isset($commonName[253]) || !preg_match("~^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9]){0,1})(?:\\.[a-z0-9][a-z0-9-]{0,61}[a-z0-9])*\$~i", $commonName)) {
throw new InvalidParamException("Invalid common name: '{$commonName}'");
}
$chain = array_slice($certificates, 1);
file_put_contents($this->getFileName(self::FILE_CERT), $certificates);
$result = chmod($this->getFileName(self::FILE_CERT), 0644);
file_put_contents($this->getFileName(self::FILE_FULLCHAIN), implode(PHP_EOL, array_merge($chain)));
$result &= chmod($this->getFileName(self::FILE_FULLCHAIN), 0644);
file_put_contents($this->getFileName(self::FILE_CHAIN), implode(PHP_EOL, $chain));
$result &= chmod($this->getFileName(self::FILE_CHAIN), 0644);
return $result;
}
private function certificateInfo(Certificate $certificate, $ttl = 0)
{
$isExpired = time() > $certificate->getValidTo();
$colorExpired = !$isExpired ? Console::FG_GREEN : Console::FG_RED;
$this->stdout("\n");
$this->stdout("Certificate ", Console::BOLD);
$this->stdout("{$certificate->getSubject()->getCommonName()}\n", $colorExpired);
$this->stdout("Domains :");
$this->stdout(join(',', $certificate->getNames()) . "\n", Console::ITALIC);
$this->stdout("Issued by: {$certificate->getIssuer()->getCommonName()}\n");
$dateFrom = Yii::$app->formatter->asDatetime($certificate->getValidFrom(), 'medium');
$this->stdout("Valid from: {$dateFrom}\n");
$dateTo = Yii::$app->formatter->asDatetime($certificate->getValidTo(), 'medium');
$this->stdout("Valid to: {$dateTo}\n", $colorExpired);
if (!$isExpired && $ttl > 0) {
$colorDateDiff = time() + $ttl * 24 * 60 * 60 < $certificate->getValidTo() ? Console::FG_GREEN : Console::FG_YELLOW;
$dateDiff = Yii::$app->formatter->asRelativeTime($certificate->getValidTo(), $certificate->getValidFrom());
$this->stdout("Valid time left: {$dateDiff}\n", $colorDateDiff);
}
}
