Add function to check validity of certificate

[DaemonBeast]

Issue has been abandoned

Not a core part of the ACME protocol: Unnecessary to have it in an ACME client

Please can a new function be implemented called ACME.verify().

It will have the following properties:

• arguments:
  • certificate (string):
    • contains the directory path of a certificate.
• return value:
  • if the specified certificate is still valid, true is returned.
  • if the specified certificate has expired, false is returned.
• default arguments:
  • certificate:
    • '' (throws an error: no certificate specified).
• prevents the rate limit from being reached from unnecessary repeated certificate requests.

---

Possible Implementation

const fs = require('fs');
const forge = require('./crypto/forge');

module.exports = async function(certificate) {
    if (certificate) {
        if (fs.existsSync(certificate)) {
            let cert = fs.readFileSync(certificate);
            let expiry = (new Date((await forge.readCertificateInfo(cert)).notAfter)).valueOf();
            let time = (new Date()).valueOf();

            if (expiry > time) {
                return true;
            } else {
                return false;
            }
        } else {
            throw new Error('certificate does not exist');
        }
    } else {
        throw new Error('no certificate specified');
    }
}

Possible Usage

const fs = require('fs');
const acme = require('acme-client');

if (acme.verify('path/to/cert.pem')) {
    var key = fs.readFileSync('path/to/key.pem');
    var cert = fs.readFileSync('path/to/cert.pem');
} else {
    // generate key and certificate using acme-client
    fs.writeFileSync('path/to/key.pem', key);
    fs.writeFileSync('path/to/cert.pem', cert);
}

// use key and certificate

---

By the way, thank you so much for such a great package!
I really appreciate the sophisticated code, clear documentation and constant bug fixes (all of the other major ACME clients are either really complicated or have serious bugs).