mirror of
https://github.com/dehydrated-io/dehydrated.git
synced 2026-04-23 00:38:30 +02:00
Per-certificate config fixes
- Ensure that all per-certificate settings are saved and restored in store_configvars() and reset_configvars() - that's what makes them per-certificate in the first place... - Add OCSP_FETCH and OCSP_DAYS in the documented list of supported per-certificate configs, since the code does allow these.
This commit is contained in:
Michel Lespinasse
committed by
Lukas Schauer
Lukas Schauer
parent
33a421f1e4
commit
527933db24
@@ -254,7 +254,10 @@ check_dependencies() {
|
|||||||
store_configvars() {
|
store_configvars() {
|
||||||
__KEY_ALGO="${KEY_ALGO}"
|
__KEY_ALGO="${KEY_ALGO}"
|
||||||
__OCSP_MUST_STAPLE="${OCSP_MUST_STAPLE}"
|
__OCSP_MUST_STAPLE="${OCSP_MUST_STAPLE}"
|
||||||
|
__OCSP_FETCH="${OCSP_FETCH}"
|
||||||
|
__OCSP_DAYS="${OCSP_DAYS}"
|
||||||
__PRIVATE_KEY_RENEW="${PRIVATE_KEY_RENEW}"
|
__PRIVATE_KEY_RENEW="${PRIVATE_KEY_RENEW}"
|
||||||
|
__PRIVATE_KEY_ROLLOVER="${PRIVATE_KEY_ROLLOVER}"
|
||||||
__KEYSIZE="${KEYSIZE}"
|
__KEYSIZE="${KEYSIZE}"
|
||||||
__CHALLENGETYPE="${CHALLENGETYPE}"
|
__CHALLENGETYPE="${CHALLENGETYPE}"
|
||||||
__HOOK="${HOOK}"
|
__HOOK="${HOOK}"
|
||||||
@@ -269,7 +272,10 @@ store_configvars() {
|
|||||||
reset_configvars() {
|
reset_configvars() {
|
||||||
KEY_ALGO="${__KEY_ALGO}"
|
KEY_ALGO="${__KEY_ALGO}"
|
||||||
OCSP_MUST_STAPLE="${__OCSP_MUST_STAPLE}"
|
OCSP_MUST_STAPLE="${__OCSP_MUST_STAPLE}"
|
||||||
|
OCSP_FETCH="${__OCSP_FETCH}"
|
||||||
|
OCSP_DAYS="${__OCSP_DAYS}"
|
||||||
PRIVATE_KEY_RENEW="${__PRIVATE_KEY_RENEW}"
|
PRIVATE_KEY_RENEW="${__PRIVATE_KEY_RENEW}"
|
||||||
|
PRIVATE_KEY_ROLLOVER="${__PRIVATE_KEY_ROLLOVER}"
|
||||||
KEYSIZE="${__KEYSIZE}"
|
KEYSIZE="${__KEYSIZE}"
|
||||||
CHALLENGETYPE="${__CHALLENGETYPE}"
|
CHALLENGETYPE="${__CHALLENGETYPE}"
|
||||||
HOOK="${__HOOK}"
|
HOOK="${__HOOK}"
|
||||||
@@ -1622,6 +1628,8 @@ command_sign_domains() {
|
|||||||
); do
|
); do
|
||||||
config_var="$(echo "${cfgline:1}" | cut -d'=' -f1)"
|
config_var="$(echo "${cfgline:1}" | cut -d'=' -f1)"
|
||||||
config_value="$(echo "${cfgline:1}" | cut -d'=' -f2- | tr -d "'")"
|
config_value="$(echo "${cfgline:1}" | cut -d'=' -f2- | tr -d "'")"
|
||||||
|
# All settings that are allowed here should also be stored and
|
||||||
|
# restored in store_configvars() and reset_configvars()
|
||||||
case "${config_var}" in
|
case "${config_var}" in
|
||||||
KEY_ALGO|OCSP_MUST_STAPLE|OCSP_FETCH|OCSP_DAYS|PRIVATE_KEY_RENEW|PRIVATE_KEY_ROLLOVER|KEYSIZE|CHALLENGETYPE|HOOK|PREFERRED_CHAIN|WELLKNOWN|HOOK_CHAIN|OPENSSL_CNF|RENEW_DAYS)
|
KEY_ALGO|OCSP_MUST_STAPLE|OCSP_FETCH|OCSP_DAYS|PRIVATE_KEY_RENEW|PRIVATE_KEY_ROLLOVER|KEYSIZE|CHALLENGETYPE|HOOK|PREFERRED_CHAIN|WELLKNOWN|HOOK_CHAIN|OPENSSL_CNF|RENEW_DAYS)
|
||||||
echo " + ${config_var} = ${config_value}"
|
echo " + ${config_var} = ${config_value}"
|
||||||
|
|||||||
@@ -11,6 +11,8 @@ Currently supported options:
|
|||||||
- KEY_ALGO
|
- KEY_ALGO
|
||||||
- KEYSIZE
|
- KEYSIZE
|
||||||
- OCSP_MUST_STAPLE
|
- OCSP_MUST_STAPLE
|
||||||
|
- OCSP_FETCH
|
||||||
|
- OCSP_DAYS
|
||||||
- CHALLENGETYPE
|
- CHALLENGETYPE
|
||||||
- HOOK
|
- HOOK
|
||||||
- HOOK_CHAIN
|
- HOOK_CHAIN
|
||||||
|
|||||||
Reference in New Issue
Block a user