First commit

app/Http/Controllers/Api/RootCaApiController.php

@@ -0,0 +1,69 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Http\Controllers\Controller;
+use App\Models\CaCertificate;
+use App\Services\OpenSslService;
+use Illuminate\Http\Request;
+
+class RootCaApiController extends Controller
+{
+    protected $sslService;
+
+    public function __construct(OpenSslService $sslService)
+    {
+        $this->sslService = $sslService;
+    }
+
+    public function index()
+    {
+        $this->authorizeAdmin();
+
+        $certificates = CaCertificate::all()->map(function($cert) {
+            $cert->status = $cert->valid_to->isFuture() ? 'valid' : 'expired';
+            return $cert;
+        });
+
+        return response()->json([
+            'status' => 'success',
+            'data' => $certificates
+        ]);
+    }
+
+    public function renew(Request $request, CaCertificate $certificate)
+    {
+        $this->authorizeAdmin();
+
+        $days = (int) $request->input('days', 3650);
+
+        try {
+            $newData = $this->sslService->renewCaCertificate($certificate, $days);
+
+            $certificate->update([
+                'cert_content' => $newData['cert_content'],
+                'serial_number' => $newData['serial_number'],
+                'valid_from' => $newData['valid_from'],
+                'valid_to' => $newData['valid_to'],
+            ]);
+
+            return response()->json([
+                'status' => 'success',
+                'message' => 'Certificate renewed successfully.',
+                'data' => $certificate
+            ]);
+        } catch (\Exception $e) {
+            return response()->json([
+                'status' => 'error',
+                'message' => 'Renewal failed: ' . $e->getMessage()
+            ], 500);
+        }
+    }
+
+    protected function authorizeAdmin()
+    {
+        if (auth()->user()->role !== 'admin') {
+            abort(403, 'Unauthorized action.');
+        }
+    }
+}