fix not bundling cert

api/cert.go

@@ -71,7 +71,7 @@ func (a *apiCert) getCert(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	w.WriteHeader(http.StatusOK)
-	w.Write(cert.Certificate)
+	w.Write(cert.GetNoBundleCertificate())
 }
 
 func (a *apiCert) getCA(w http.ResponseWriter, r *http.Request) {
@@ -98,5 +98,5 @@ func (a *apiCert) getBundle(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	w.WriteHeader(http.StatusOK)
-	w.Write(append(cert.Certificate, cert.IssuerCertificate...))
+	w.Write(append(cert.GetNoBundleCertificate(), cert.IssuerCertificate...))
 }

api/client.go

@@ -61,12 +61,12 @@ func (c *Client) Get(domain string, san []string, onlyCN bool, valid int) (cert
 
 // WriteCert writes the cert to file
 func (c *Client) WriteCert(cert *certstore.CertificateResource, filepath string) (err error) {
-	return c.writeFile(cert.Certificate, filepath)
+	return c.writeFile(cert.GetNoBundleCertificate(), filepath)
 }
 
 // WriteBundle writes the cert + ca to file
 func (c *Client) WriteBundle(cert *certstore.CertificateResource, filepath string) (err error) {
-	return c.writeFile(append(cert.Certificate, cert.IssuerCertificate...), filepath)
+	return c.writeFile(append(cert.GetNoBundleCertificate(), cert.IssuerCertificate...), filepath)
 }
 
 // WriteKey writes the privte key to file

certstore/certificate.go

@@ -17,3 +17,9 @@ func (c *CertificateResource) parseCert() (*x509.Certificate, error) {
 	block, _ := pem.Decode(c.Certificate)
 	return x509.ParseCertificate(block.Bytes)
 }
+
+// GetNoBundleCertificate ensures to return the cert without ca
+func (c *CertificateResource) GetNoBundleCertificate() []byte {
+	block, _ := pem.Decode(c.Certificate)
+	return pem.EncodeToMemory(block)
+}