Software /
code /
prosody
Comparison
core/certmanager.lua @ 10709:fcf7f50ccdd0 0.11
core.certmanager: Look for privkey.pem to go with fullchain.pem (fix #1526)
This makes
`prosodyctl cert import example.com /path/to/example.com/fullchain.pem`
work. This was never intended to, yet users commonly tried this and got
problems.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Fri, 10 Apr 2020 16:11:09 +0200 |
parent | 8828:2a0d7fa4c56a |
child | 10710:549e408bab14 |
child | 10721:3a1b1d3084fb |
comparison
equal
deleted
inserted
replaced
10707:c4b49939b471 | 10709:fcf7f50ccdd0 |
---|---|
71 for i = 1, #crt_try do | 71 for i = 1, #crt_try do |
72 local crt_path = certs .. crt_try[i]:format(name); | 72 local crt_path = certs .. crt_try[i]:format(name); |
73 local key_path = certs .. key_try[i]:format(name); | 73 local key_path = certs .. key_try[i]:format(name); |
74 | 74 |
75 if stat(crt_path, "mode") == "file" then | 75 if stat(crt_path, "mode") == "file" then |
76 if key_path:sub(-4) == ".crt" then | 76 if crt_path == key_path then |
77 key_path = key_path:sub(1, -4) .. "key"; | 77 if key_path:sub(-4) == ".crt" then |
78 if stat(key_path, "mode") == "file" then | 78 key_path = key_path:sub(1, -4) .. "key"; |
79 log("debug", "Selecting certificate %s with key %s for %s", crt_path, key_path, name); | 79 elseif key_path:sub(-13) == "fullchain.pem" then |
80 return { certificate = crt_path, key = key_path }; | 80 key_path = key_path:sub(1, -14) .. "privkey.pem"; |
81 end | 81 end |
82 elseif stat(key_path, "mode") == "file" then | 82 end |
83 | |
84 if stat(key_path, "mode") == "file" then | |
83 log("debug", "Selecting certificate %s with key %s for %s", crt_path, key_path, name); | 85 log("debug", "Selecting certificate %s with key %s for %s", crt_path, key_path, name); |
84 return { certificate = crt_path, key = key_path }; | 86 return { certificate = crt_path, key = key_path }; |
85 end | 87 end |
86 end | 88 end |
87 end | 89 end |