Skip to content

Commit f08038d

Browse files
mbtamulimbtamuli
committed
Merge branch 'kirtangajjar-enable-ocsp-stapling' into develop-v4
2 parents a9b4b59 + 17b18d4 commit f08038d

File tree

1 file changed

+12
-20
lines changed

1 file changed

+12
-20
lines changed

php/class-ee-site-letsencrypt.php

Lines changed: 12 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -309,30 +309,22 @@ private function executeFirstRequest( $domain, array $alternativeNames, $email )
309309
EE::log( 'Certificate stored' );
310310

311311
// Post-generate actions
312-
$this->moveCertsToNginxProxy( $response );
312+
$this->moveCertsToNginxProxy( $domain );
313313
}
314314

315-
private function moveCertsToNginxProxy( CertificateResponse $response ) {
316-
$domain = $response->getCertificateRequest()->getDistinguishedName()->getCommonName();
317-
$privateKey = $response->getCertificateRequest()->getKeyPair()->getPrivateKey();
318-
$certificate = $response->getCertificate();
315+
private function moveCertsToNginxProxy( string $domain ) {
319316

320-
// To handle wildcard certs
321-
$domain = ltrim( $domain, '*.' );
317+
$key_source_file = strtr( $this->conf_dir . '/' . Repository::PATH_DOMAIN_KEY_PRIVATE, [ '{domain}' => $domain ] );
318+
$crt_source_file = strtr( $this->conf_dir . '/' . Repository::PATH_DOMAIN_CERT_FULLCHAIN, [ '{domain}' => $domain ] );
319+
$chain_source_file = strtr( $this->conf_dir . '/' . Repository::PATH_DOMAIN_CERT_CHAIN, [ '{domain}' => $domain ] );
322320

323-
file_put_contents( EE_CONF_ROOT . '/nginx/certs/' . $domain . '.key', $privateKey->getPEM() );
321+
$key_dest_file = EE_CONF_ROOT . '/nginx/certs/' . $domain . '.key';
322+
$crt_dest_file = EE_CONF_ROOT . '/nginx/certs/' . $domain . '.crt';
323+
$chain_dest_file = EE_CONF_ROOT . '/nginx/certs/' . $domain . '.chain.pem';
324324

325-
// Issuer chain
326-
$issuerChain = array_map(
327-
function ( Certificate $certificate ) {
328-
return $certificate->getPEM();
329-
}, $certificate->getIssuerChain()
330-
);
331-
332-
// Full chain
333-
$fullChainPem = $certificate->getPEM() . "\n" . implode( "\n", $issuerChain );
334-
335-
file_put_contents( EE_CONF_ROOT . '/nginx/certs/' . $domain . '.crt', $fullChainPem );
325+
copy( $key_source_file, $key_dest_file );
326+
copy( $crt_source_file, $crt_dest_file );
327+
copy( $chain_source_file, $chain_dest_file );
336328
}
337329

338330
/**
@@ -401,7 +393,7 @@ private function executeRenewal( $domain, array $alternativeNames, $force = fals
401393
$this->log( 'Certificate stored' );
402394

403395
// Post-generate actions
404-
$this->moveCertsToNginxProxy( $response );
396+
$this->moveCertsToNginxProxy( $domain );
405397
EE::log( 'Certificate renewed successfully!' );
406398

407399
}

0 commit comments

Comments
 (0)