CertificateUtils.writeX509Certificate closes the passed-in writer about acme4j HOT 5 CLOSED

In commit 7c03309, I have added a new writer for writing the leaf certificate and certificate chain, and documented that the writers are closed after use. It will be available with the next release.

from acme4j.

You are right... I am going to fix this. Thanks!

from acme4j.

After thinking about it again, it seems to me that fixing this could be tricky. As the JcaPEMWriter is created in writeX509Certificate(...), the caller has no way to close or flush it...

from acme4j.

I am not very comfortable with the idea either, as I would change the behavior of the methods. Some people might expect that they don't need to care about closing the writers, e. g. by using a construction like CertificateUtils.writeX509Certificate(cert, new FileWriter("foo.csr"));.

The only use case I see is to write a combined file of the leaf certificate and the certificate chain. So maybe a new method writeX509Certificates(Writer w, X509Certificate leaf, X509Certificate[] chain) would also resolve the issue?

from acme4j.

Yes, that's pretty much my use case, though I have to insert some custom text in between. However, for such cases it should be straightforward to use Bouncy Castle's JcaPEMWriter directly. Therefore I do not think that it is necessary to introduce an additional method.

Instead I would suggest to explicitly state in the javadoc that writeX509Certificate(...) and writeX509CertificateChain(...) do close the passed-in stream/writer. It would also be great to have a pointer to JcaPEMWriter somewhere in the documentation and maybe some example code.

from acme4j.