From 072859eced59e48e5a60f2b9a2978288745b0f22 Mon Sep 17 00:00:00 2001
From: Austin Drummond <adrum0x7@gmail.com>
Date: Thu, 14 Nov 2024 20:38:12 -0500
Subject: [PATCH 1/2] add the ability to renew the CA when renewing all certs

---
 cli/Valet/Site.php | 5 ++++-
 cli/app.php        | 5 +++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/cli/Valet/Site.php b/cli/Valet/Site.php
index d0108b10..fd5d7bb5 100644
--- a/cli/Valet/Site.php
+++ b/cli/Valet/Site.php
@@ -502,8 +502,11 @@ public function secure(string $url, ?string $siteConf = null, int $certificateEx
     /**
      * Renews all domains with a trusted TLS certificate.
      */
-    public function renew($expireIn = 368): void
+    public function renew($expireIn = 368, $ca = false): void
     {
+        if ($ca) {
+            $this->removeCa();
+        }
         collect($this->securedWithDates())->each(function ($row) use ($expireIn) {
             $url = $this->domain($row['site']);
 
diff --git a/cli/app.php b/cli/app.php
index 6d06fdae..14bd8271 100644
--- a/cli/app.php
+++ b/cli/app.php
@@ -306,11 +306,12 @@ function (ConsoleCommandEvent $event) {
     /**
      * Renews all domains with a trusted TLS certificate.
      */
-    $app->command('renew [--expireIn=]', function (OutputInterface $output, $expireIn = 368) {
-        Site::renew($expireIn);
+    $app->command('renew [--expireIn=] [--ca]', function (OutputInterface $output, $expireIn = 368, $ca = null) {
+        Site::renew($expireIn, $ca);
         Nginx::restart();
     })->descriptions('Renews all domains with a trusted TLS certificate.', [
         '--expireIn' => 'The amount of days the self signed certificate is valid for. Default is set to "368"',
+        '--ca' => 'Renew the Certificate Authority certificate before renewing the site certificates.',
     ]);
 
     /**

From 3c0015c30519ef28275046bfb295ebde094df17b Mon Sep 17 00:00:00 2001
From: Austin Drummond <adrum0x7@gmail.com>
Date: Fri, 15 Nov 2024 12:09:11 -0500
Subject: [PATCH 2/2] add the ability to see the Certificate Authority
 expiration date

---
 cli/Valet/Site.php | 21 ++++++++++++++++++---
 cli/app.php        |  5 +++--
 2 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/cli/Valet/Site.php b/cli/Valet/Site.php
index fd5d7bb5..f2cb033c 100644
--- a/cli/Valet/Site.php
+++ b/cli/Valet/Site.php
@@ -437,9 +437,9 @@ public function secured(): array
     /**
      * Get all of the URLs with expiration dates that are currently secured.
      */
-    public function securedWithDates(): array
+    public function securedWithDates($ca = false): array
     {
-        return collect($this->secured())->map(function ($site) {
+        $sites = collect($this->secured())->map(function ($site) {
             $filePath = $this->certificatesPath().'/'.$site.'.crt';
 
             $expiration = $this->cli->run("openssl x509 -enddate -noout -in $filePath");
@@ -450,7 +450,22 @@ public function securedWithDates(): array
                 'site' => $site,
                 'exp' => new DateTime($expiration),
             ];
-        })->unique()->values()->all();
+        })->unique()->values();
+
+        if ($ca) {
+            $filePath = $this->caPath('LaravelValetCASelfSigned.pem');
+
+            $expiration = $this->cli->run("openssl x509 -enddate -noout -in $filePath");
+
+            $expiration = str_replace('notAfter=', '', $expiration);
+
+            $sites->prepend([
+                'site' => 'Certificate Authority',
+                'exp' => new DateTime($expiration),
+            ]);
+        }
+
+        return $sites->all();
     }
 
     public function isSecured(string $site): bool
diff --git a/cli/app.php b/cli/app.php
index 14bd8271..f93ca923 100644
--- a/cli/app.php
+++ b/cli/app.php
@@ -285,9 +285,9 @@ function (ConsoleCommandEvent $event) {
     /**
      * Display all of the currently secured sites.
      */
-    $app->command('secured [--expiring] [--days=]', function (OutputInterface $output, $expiring = null, $days = 60) {
+    $app->command('secured [--expiring] [--days=] [--ca]', function (OutputInterface $output, $expiring = null, $days = 60, $ca = null) {
         $now = (new Datetime)->add(new DateInterval('P'.$days.'D'));
-        $sites = collect(Site::securedWithDates())
+        $sites = collect(Site::securedWithDates($ca))
             ->when($expiring, fn ($collection) => $collection->filter(fn ($row) => $row['exp'] < $now))
             ->map(function ($row) {
                 return [
@@ -301,6 +301,7 @@ function (ConsoleCommandEvent $event) {
     })->descriptions('Display all of the currently secured sites', [
         '--expiring' => 'Limits the results to only sites expiring within the next 60 days.',
         '--days' => 'To be used with --expiring. Limits the results to only sites expiring within the next X days. Default is set to 60.',
+        '--ca' => 'Include the Certificate Authority certificate in the list of site certificates.',
     ]);
 
     /**