authorRasmus Dahlberg <rgdd@glasklarteknik.se>2025-01-04 16:32:00 +0100
committerRasmus Dahlberg <rgdd@glasklarteknik.se>2025-01-04 16:32:58 +0100
commit791450281e72cb69dbf640cbd4094d422706b72c (patch)
tree53fe4073bc0eee7b83956bfeb68b4e04ec8a3f02
parent76a113a3319a421b5a1226300dd4a4b5cce500bf (diff)
Commit parsed certificate as ASCII instead of DER
Because openssl wasn't able to parse DER precertificates. And now the user can just view the file rather than fiddling with openssl.
-rw-r--r--docs/metrics.md2
-rw-r--r--pkg/storage/index/index.go5
2 files changed, 4 insertions, 3 deletions
diff --git a/docs/metrics.md b/docs/metrics.md
index 6fa12c1..1dea0ef 100644
--- a/docs/metrics.md
+++ b/docs/metrics.md
@@ -43,7 +43,7 @@ silentct_certificate_alert{stored_at="/path/to/state/crt_found/<log-hex-id>-<log
```
`stored_at` is where the log entry is stored on the monitor's local file system.
-For convenience, the parsed log-entry certificate is also available as `.der`.
+For convenience, the parsed log-entry certificate is also available as `.ascii`.
## `"silentct_error_counter"`
diff --git a/pkg/storage/index/index.go b/pkg/storage/index/index.go
index bf94711..95eb04a 100644
--- a/pkg/storage/index/index.go
+++ b/pkg/storage/index/index.go
@@ -8,6 +8,7 @@ import (
"fmt"
"time"
+ "github.com/google/certificate-transparency-go/x509util"
"rgdd.se/silentct/internal/ioutil"
"rgdd.se/silentct/internal/monitor"
"rgdd.se/silentct/pkg/crtutil"
@@ -81,8 +82,8 @@ func (ix *Index) AddEntries(logID [sha256.Size]byte, entries []monitor.LogEntry)
if err := ioutil.CommitJSON(path, entry); err != nil {
return err
}
- path = fmt.Sprintf("%s/%x-%d.der", ix.cfg.MatchDirectory, logID[:], entry.LeafIndex)
- return ioutil.CommitData(path, crt.Raw)
+ path = fmt.Sprintf("%s/%x-%d.ascii", ix.cfg.MatchDirectory, logID[:], entry.LeafIndex)
+ return ioutil.CommitData(path, []byte(x509util.CertificateToString(&crt)))
}
for _, entry := range entries {
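Review bot: The `.ascii` file written by `ioutil.CommitData(path, []byte(x509util.CertificateToString(&crt)))` is a text rendering of a certificate taken from a CT log, so its subject and SAN strings are chosen by whoever requested the certificate, and the commit message expects operators to open the file directly. Whether `CertificateToString` escapes control characters is not visible here; it is worth confirming, or else mapping non-printable bytes to a placeholder before committing the text, so that a crafted name cannot change what a terminal displays. The rendering is also lossy, so a comment such as `// human-readable view only; the JSON log entry committed above is the authoritative copy` would tell readers which file to rely on when verifying an alert. `.der` files written by earlier versions presumably stay in `MatchDirectory`, which the docs change does not mention. The enclosing function starts and ends outside the hunk.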