forked from TrueCloudLab/lego
Merge pull request #57 from xenolf/fix-san-renewal
Fix: renew dropping additional DNSNames
This commit is contained in:
commit
37153517a9
2 changed files with 72 additions and 51 deletions
|
@ -368,7 +368,24 @@ func (c *Client) RenewCertificate(cert CertificateResource, revokeOld bool, bund
|
|||
return cert, nil
|
||||
}
|
||||
|
||||
newCerts, failures := c.ObtainCertificates([]string{cert.Domain}, bundle)
|
||||
var domains []string
|
||||
newCerts := make([]CertificateResource, 1)
|
||||
var failures map[string]error
|
||||
// check for SAN certificate
|
||||
if len(x509Cert.DNSNames) > 1 {
|
||||
domains = append(domains, x509Cert.Subject.CommonName)
|
||||
for _, sanDomain := range x509Cert.DNSNames {
|
||||
if sanDomain == x509Cert.Subject.CommonName {
|
||||
continue
|
||||
}
|
||||
domains = append(domains, sanDomain)
|
||||
}
|
||||
newCerts[0], failures = c.ObtainSANCertificate(domains, bundle)
|
||||
} else {
|
||||
domains = append(domains, x509Cert.Subject.CommonName)
|
||||
newCerts, failures = c.ObtainCertificates(domains, bundle)
|
||||
}
|
||||
|
||||
if len(failures) > 0 {
|
||||
return CertificateResource{}, failures[cert.Domain]
|
||||
}
|
||||
|
|
|
@ -173,7 +173,12 @@ func revoke(c *cli.Context) {
|
|||
func renew(c *cli.Context) {
|
||||
conf, _, client := setup(c)
|
||||
|
||||
for _, domain := range c.GlobalStringSlice("domains") {
|
||||
if len(c.GlobalStringSlice("domains")) <= 0 {
|
||||
logger().Fatal("Please specify at least one domain.")
|
||||
}
|
||||
|
||||
domain := c.GlobalStringSlice("domains")[0]
|
||||
|
||||
// load the cert resource from files.
|
||||
// We store the certificate, private key and metadata in different files
|
||||
// as web servers would not be able to work with a combined file.
|
||||
|
@ -193,7 +198,7 @@ func renew(c *cli.Context) {
|
|||
}
|
||||
|
||||
if int(expTime.Sub(time.Now()).Hours() / 24.0) <= c.Int("days") {
|
||||
continue
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -223,4 +228,3 @@ func renew(c *cli.Context) {
|
|||
|
||||
saveCertRes(newCert, conf)
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue