janeczku / rancher-letsencrypt

:cow: Rancher service that obtains and manages free SSL certificates from the Let's Encrypt CA
Apache License 2.0
326 stars 114 forks source link

Possibility to create PKCS12 file #103

Open mharrend opened 6 years ago

mharrend commented 6 years ago

First of all thanks for the very useful package.

For one application (Thingsboard) I would need a pkcs12 certificate store instead of PEM files. Currently, I am using a cron job in /etc/periodic/monthly to do this via

cd /etc/letsencrypt/production/certs/thingsboard/ 
openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out pkcs.p12 -name thingsboard -password pass:PASSWORD

However, this requires to mount /etc/periodic as a volume on the host to keep the cron job persistent.

It would be nice to include this in the binary rancher-letsencrypt. Maybe in this place: https://github.com/janeczku/rancher-letsencrypt/blob/master/manager.go#L128 via os/exec. The reason of using os/exec would be that unfortunately encoding pkcs12 file never made it into x/crypto repo, see https://github.com/golang/go/issues/14125

Would you except a PR in such a manner? If yes, I would work on such one.