From df67f794843de8ac26bf33a145aa7b10dcef7bd8 Mon Sep 17 00:00:00 2001
From: Jan Michael Greiner <jan0michael@yahoo.com>
Date: Sun, 8 Apr 2018 20:06:27 +0200
Subject: [PATCH] Differentiate between writing end-entity, intermediate, and
 all certs.

---
 .../org/shredzone/acme4j/Certificate.java     | 40 +++++++++++++++++--
 1 file changed, 37 insertions(+), 3 deletions(-)

diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/Certificate.java b/acme4j-client/src/main/java/org/shredzone/acme4j/Certificate.java
index da016fc2..d8325a43 100644
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/Certificate.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/Certificate.java
@@ -115,16 +115,50 @@ public class Certificate extends AcmeResource {
     }
 
     /**
-     * Writes the certificate to the given writer. It is written in PEM format, with the
-     * end-entity cert coming first, followed by the intermediate ceritificates.
+     * Writes the certificate and the intermediate certificates to the given writer.
+     * They are written in PEM format, with the end-entity cert coming first, followed
+     * by the intermediate certificates.
+     *
+     * @param out
+     *            {@link Writer} to write to. The writer is not closed after use.
+     */
+    public void writeCertificateAndChain(@WillNotClose Writer out) throws IOException {
+        try {
+            for (X509Certificate cert : getCertificateChain()) {
+                AcmeUtils.writeToPem(cert.getEncoded(), AcmeUtils.PemLabel.CERTIFICATE, out);
+            }
+        } catch (CertificateEncodingException ex) {
+            throw new IOException("Encoding error", ex);
+        }
+    }
+
+    /**
+     * Writes the certificate to the given writer. It is written in PEM format.
      *
      * @param out
      *            {@link Writer} to write to. The writer is not closed after use.
      */
     public void writeCertificate(@WillNotClose Writer out) throws IOException {
+        try {
+            AcmeUtils.writeToPem(getCertificate().getEncoded(), AcmeUtils.PemLabel.CERTIFICATE, out);
+        } catch (CertificateEncodingException ex) {
+            throw new IOException("Encoding error", ex);
+        }
+    }
+
+    /**
+     * Writes the intermediate certificates to the given writer. They are written in
+     * PEM format. The list is sorted, following certificates certify preceding ones.
+     *
+     * @param out
+     *            {@link Writer} to write to. The writer is not closed after use.
+     */
+    public void writeChain(@WillNotClose Writer out) throws IOException {
         try {
             for (X509Certificate cert : getCertificateChain()) {
-                AcmeUtils.writeToPem(cert.getEncoded(), AcmeUtils.PemLabel.CERTIFICATE, out);
+                if (cert != getCertificate()) {
+                    AcmeUtils.writeToPem(cert.getEncoded(), AcmeUtils.PemLabel.CERTIFICATE, out);
+                }
             }
         } catch (CertificateEncodingException ex) {
             throw new IOException("Encoding error", ex);