mirror of
https://github.com/dehydrated-io/dehydrated.git
synced 2026-07-02 11:11:45 +02:00
require a valid alias to be set for certain wildcard certificates (fixes #483)
This commit is contained in:
+10
-6
@@ -1152,6 +1152,16 @@ command_sign_domains() {
|
|||||||
[ ${aliascount} -lt 1 ] && alias="${domain}" || alias="${alias#>}"
|
[ ${aliascount} -lt 1 ] && alias="${domain}" || alias="${alias#>}"
|
||||||
export alias
|
export alias
|
||||||
|
|
||||||
|
if [[ -z "${morenames}" ]];then
|
||||||
|
echo "Processing ${domain}"
|
||||||
|
else
|
||||||
|
echo "Processing ${domain} with alternative names: ${morenames}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "${alias:0:2}" = "*." ]; then
|
||||||
|
_exiterr "Please define a valid alias for your ${domain} wildcard-certificate. See domains.txt-documentation for more details."
|
||||||
|
fi
|
||||||
|
|
||||||
local certdir="${CERTDIR}/${alias}"
|
local certdir="${CERTDIR}/${alias}"
|
||||||
cert="${certdir}/cert.pem"
|
cert="${certdir}/cert.pem"
|
||||||
chain="${certdir}/chain.pem"
|
chain="${certdir}/chain.pem"
|
||||||
@@ -1160,12 +1170,6 @@ command_sign_domains() {
|
|||||||
|
|
||||||
timestamp="$(date +%s)"
|
timestamp="$(date +%s)"
|
||||||
|
|
||||||
if [[ -z "${morenames}" ]];then
|
|
||||||
echo "Processing ${domain}"
|
|
||||||
else
|
|
||||||
echo "Processing ${domain} with alternative names: ${morenames}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# If there is no existing certificate directory => make it
|
# If there is no existing certificate directory => make it
|
||||||
if [[ ! -e "${certdir}" ]]; then
|
if [[ ! -e "${certdir}" ]]; then
|
||||||
echo " + Creating new directory ${certdir} ..."
|
echo " + Creating new directory ${certdir} ..."
|
||||||
|
|||||||
@@ -17,3 +17,6 @@ You can define an alias for your certificate which will (instead of the primary
|
|||||||
used as directory name under your certdir and for a per-certificate lookup.
|
used as directory name under your certdir and for a per-certificate lookup.
|
||||||
This allows multiple certificates with identical sets of domains but different configuration
|
This allows multiple certificates with identical sets of domains but different configuration
|
||||||
to exist.
|
to exist.
|
||||||
|
|
||||||
|
Certificates with a wildcard domain as first (or only) name require an alias to be set.
|
||||||
|
Aliases can't start with `*.`.
|
||||||
|
|||||||
Reference in New Issue
Block a user