Skip to content

Commit 1cba34a

Browse files
author
Thom
committed
Only add -w if http-01 verification is done (#4202)
1 parent 20a8815 commit 1cba34a

File tree

1 file changed

+5
-3
lines changed

1 file changed

+5
-3
lines changed

server/lib/classes/letsencrypt.inc.php

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -97,6 +97,8 @@ public function get_acme_command($domains, $key_file, $bundle_file, $cert_file,
9797
$dns_variables_cmd .= "export " . $dns_variable . ' ; ';
9898
}
9999
$dns = '--dns dns_ispconfig';
100+
} else { // use HTTP-01 verification
101+
$cmd .= " -w /usr/local/ispconfig/interface/acme";
100102
}
101103

102104
if($dns == '') {
@@ -107,7 +109,7 @@ public function get_acme_command($domains, $key_file, $bundle_file, $cert_file,
107109
return false;
108110
}
109111

110-
$cmd = $dns_variables_cmd . 'R=0 ; C=0 ; ' . $letsencrypt . ' --issue ' . $dns . $cmd . ' -w /usr/local/ispconfig/interface/acme --always-force-new-domain-key --keylength 4096; R=$? ; if [ $R -eq 0 -o $R -eq 2 ] ; then ' . $letsencrypt . ' --install-cert ' . $cmd . ' --key-file ' . escapeshellarg($key_file) . ' ' . $cert_arg . ' --reloadcmd ' . escapeshellarg($this->get_reload_command()) . ' --log ' . escapeshellarg($conf['ispconfig_log_dir'].'/acme.log') . '; C=$? ; fi ; if [ $C -eq 0 ] ; then exit $R ; else exit $C ; fi';
112+
$cmd = $dns_variables_cmd . 'R=0 ; C=0 ; ' . $letsencrypt . ' --issue ' . $dns . $cmd . ' --always-force-new-domain-key --keylength 4096 --log ' . escapeshellarg($conf['ispconfig_log_dir'].'/acme.log') . ' ; R=$? ; if [ $R -eq 0 -o $R -eq 2 ] ; then ' . $letsencrypt . ' --install-cert ' . $cmd . ' --key-file ' . escapeshellarg($key_file) . ' ' . $cert_arg . ' --reloadcmd ' . escapeshellarg($this->get_reload_command()) . ' --log ' . escapeshellarg($conf['ispconfig_log_dir'].'/acme.log') . '; C=$? ; fi ; if [ $C -eq 0 ] ; then exit $R ; else exit $C ; fi';
111113

112114
return $cmd;
113115
}
@@ -381,7 +383,7 @@ public function request_certificates($data, $server_type = 'apache') {
381383
$aliasdomains = null;
382384

383385
//* be sure to have good domain
384-
if(substr($domain,0,4) != 'www.' && ($data['new']['subdomain'] == "www" || $data['new']['subdomain'] == "*")) {
386+
if(substr($domain,0,4) != 'www.' && ($data['new']['subdomain'] == "www" || ($data['new']['subdomain'] == "*" && ($use_acme = FALSE || $global_sites_config['acme_dns_user'] == '')))) {
385387
$temp_domains[] = "www." . $domain;
386388
}
387389

@@ -398,7 +400,7 @@ public function request_certificates($data, $server_type = 'apache') {
398400
if(is_array($aliasdomains)) {
399401
foreach($aliasdomains as $aliasdomain) {
400402
$temp_domains[] = $aliasdomain['domain'];
401-
if(isset($aliasdomain['subdomain']) && substr($aliasdomain['domain'],0,4) != 'www.' && ($aliasdomain['subdomain'] == "www" OR $aliasdomain['subdomain'] == "*")) {
403+
if(isset($aliasdomain['subdomain']) && substr($aliasdomain['domain'],0,4) != 'www.' && ($aliasdomain['subdomain'] == "www" OR ($data['new']['subdomain'] == "*" && ($use_acme = FALSE || $global_sites_config['acme_dns_user'] == '')))) {
402404
$temp_domains[] = "www." . $aliasdomain['domain'];
403405
}
404406
}

0 commit comments

Comments
 (0)