feat: Store fullchain certificate information alongside certs

src/main/java/de/mlessmann/certassist/openssl/CertificateUsage.java

@@ -1,6 +1,7 @@
 package de.mlessmann.certassist.openssl;
 
 import java.nio.file.Path;
+import org.springframework.lang.Nullable;
 
 /**
  * Instance of a certificate that is temporarily stored on disk to be available for use in command line calls.
@@ -8,8 +9,30 @@ import java.nio.file.Path;
  * @implSpec The files should be removed from disk when the instance is closed, UNLESS the provided paths are the permanent storage location for the certificate files.
  */
 public interface CertificateUsage extends AutoCloseable {
+    /**
+     * Returns the path to the certificate file (on disk, potentially temporary depending on the storage implementation).
+     */
     Path certificatePath();
+
+    /**
+     * Returns the path to the private key file (on disk, potentially temporary depending on the storage implementation).
+     * This file should also be encrypted.
+     * @see CertificatePasswordProvider
+     */
     Path certificateKeyPath();
+
+    /**
+     * Returns the path to the fullchain file (on disk, potentially temporary depending on the storage implementation).
+     * This should contain the entire certification chain from (inclusive) the certificate to the root authority (inclusive).
+     * @implSpec This method may return {@code null} if the certificate is self-signed.
+     */
+    @Nullable
+    Path fullchainPath();
+
+    /**
+     * String representation of the certificate's fingerprint.
+     * In case of OpenSSL, this should be in the form of: {@code SHA1;<HEX>:<HEX>:...}
+     */
     String fingerprint();
 
     @Override

src/main/java/de/mlessmann/certassist/openssl/OpenSSLCertificateCreator.java

@@ -89,7 +89,7 @@ public class OpenSSLCertificateCreator {
             Path certificate = createCertificate(request, keyFile, tmpDir.resolve("certificate.crt"), certPassword);
             String fingerprint = getCertificateFingerprint(certificate);
             passwordProvider.setPasswordFor(fingerprint, certPassword);
-            return new OpenSSLCertificateResult(tmpDir, certificate, keyFile, fingerprint);
+            return new OpenSSLCertificateResult(tmpDir, certificate, keyFile, certificate, fingerprint);
         }
 
         try (var certAuthority = certificateProvider.requestCertificateUsage(request.getTrustingAuthority())) {
@@ -103,7 +103,16 @@ public class OpenSSLCertificateCreator {
             );
             String fingerprint = getCertificateFingerprint(signedCert);
             passwordProvider.setPasswordFor(fingerprint, certPassword);
-            return new OpenSSLCertificateResult(tmpDir, signedCert, keyFile, fingerprint);
+
+            Path fullchain = tmpDir.resolve("fullchain.pem");
+            try {
+                Files.write(fullchain, Files.readAllBytes(certAuthority.certificatePath()), StandardOpenOption.CREATE);
+                Files.write(fullchain, Files.readAllBytes(signedCert), StandardOpenOption.APPEND);
+            } catch (IOException e) {
+                throw new CommandLineOperationException("Failed to create fullchain file.", e);
+            }
+
+            return new OpenSSLCertificateResult(tmpDir, signedCert, keyFile, fullchain, fingerprint);
         }
     }
 

src/main/java/de/mlessmann/certassist/openssl/OpenSSLCertificateResult.java

@@ -16,6 +16,7 @@ public class OpenSSLCertificateResult implements CertificateUsage {
     private final Path tmpDir;
     private final Path certificatePath;
     private final Path privateKeyPath;
+    private final Path fullchainPath;
     private final String certificateFingerPrint;
 
     @Override
@@ -28,6 +29,11 @@ public class OpenSSLCertificateResult implements CertificateUsage {
         return privateKeyPath;
     }
 
+    @Override
+    public Path fullchainPath() {
+        return fullchainPath;
+    }
+
     @Override
     public String fingerprint() {
         return certificateFingerPrint;