package main

import (
	"crypto/tls"
	"encoding/base64"
	"time"

	// "github.com/go-acme/lego/v4/certcrypto"
	"github.com/go-acme/lego/v4/certificate"
	"github.com/go-acme/lego/v4/lego"
)

func ObtainNewCertificate(domains []string, path string, acmeClient *lego.Client) error {
	req := certificate.ObtainRequest{
		Domains: domains,
		Bundle: true,
	}
	cert, err := acmeClient.Certificate.Obtain(req)
	if err != nil {
		return err
	}

	tlsCert, err := tls.X509KeyPair(cert.Certificate, cert.PrivateKey)
	if err != nil {
		return err
	}

	wrapper := CertificateWrapper{
		TlsCertificate: &tlsCert,
		Domain: cert.Domain,
		//NotAfter: tlsCert.Leaf.NotAfter,
		NotAfter: time.Now().Add(time.Hour * 24 * 60),
		PrivateKeyEncoded: base64.StdEncoding.EncodeToString(cert.PrivateKey),
		Certificate: cert.Certificate,
		IssuerCertificate: cert.IssuerCertificate,
		CertificateUrl: cert.CertURL,
	}
	Certificates.Certificates[cert.Domain] = wrapper
	FlushCertificateStoreToFile(path)
	return nil
}