From 98adf5e9712f4463c6ea6b42f10aab2102ec8081 Mon Sep 17 00:00:00 2001
From: stef <stef@stef.lan>
Date: Sun, 7 Dec 2025 09:47:07 +0100
Subject: [PATCH] fix(storage): store private keys for all certificates, not
 just CAs

---
 internal/storage/mongo.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/internal/storage/mongo.go b/internal/storage/mongo.go
index 5468342..f719012 100644
--- a/internal/storage/mongo.go
+++ b/internal/storage/mongo.go
@@ -28,7 +28,7 @@ type CertificateDoc struct {
 	IsCA       bool `bson:"is_ca"`
 	Revoked    bool `bson:"revoked"`
 	Cert       string `bson:"cert"` // Base64 encoded certificate
-	PrivateKey string `bson:"private_key"` // Base64 encoded private key (only for CAs)
+	PrivateKey string `bson:"private_key"` // Base64 encoded private key (for all certificates)
 	CreatedAt  time.Time `bson:"created_at"`
 }
 
@@ -87,8 +87,8 @@ func (m *MongoStore) SaveCertificate(id string, cert *pki.Certificate) error {
 		doc.Cert = base64.StdEncoding.EncodeToString(cert.Cert.Raw)
 	}
 
-	// Encoder la clé privée en base64 (seulement pour les CAs)
-	if cert.PrivateKey != nil && cert.IsCA {
+	// Encoder la clé privée en base64 (pour tous les certificats)
+	if cert.PrivateKey != nil {
 		privKeyBytes, err := marshalPrivateKey(cert.PrivateKey)
 		if err != nil {
 			return err