Software / code / prosody
Changeset
12287:5cd075ed4fd3
core.certmanager: Relax certificate filename check #1713
After a survey of ACME clients it seems *.crt and *fullchain* should
work for the majority. The rest get to manually copy their files.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 14 Feb 2022 18:29:31 +0100 |
| parents | 12286:ad88732eea51 |
| children | 12288:08a933450922 |
| files | core/certmanager.lua |
| diffstat | 1 files changed, 2 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- a/core/certmanager.lua Sun Feb 13 17:27:29 2022 +0100 +++ b/core/certmanager.lua Mon Feb 14 18:29:31 2022 +0100 @@ -102,12 +102,7 @@ end local function find_matching_key(cert_path) - -- FIXME we shouldn't need to guess the key filename - if cert_path:sub(-4) == ".crt" then - return cert_path:sub(1, -4) .. "key"; - elseif cert_path:sub(-14) == "/fullchain.pem" then - return cert_path:sub(1, -14) .. "privkey.pem"; - end + return (cert_path:gsub("%.crt$", ".key"):gsub("fullchain", "privkey")); end local function index_certs(dir, files_by_name, depth_limit) @@ -130,8 +125,7 @@ if file:sub(1,1) ~= "." then index_certs(full, files_by_name, depth_limit-1); end - -- TODO support more filename patterns? - elseif full:match("%.crt$") or full:match("/fullchain%.pem$") then + elseif file:find("%.crt$") or file:find("fullchain") then -- This should catch most fullchain files local f = io_open(full); if f then -- TODO look for chained certificates
