voltron/letsencrypt-esxi
1
0
Fork 0
mirror of https://github.com/w2c/letsencrypt-esxi.git synced 2026-01-16 07:08:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

Keep existing cert while it is still valid

Browse Source 
Letsencrypt has some hiccups sometimes during renewals. Instead of instantly replacing a still valid cert with a self-signed, it should be kept, while it hasn't expired
This commit is contained in:
Johannes Feichtner
2022-12-03 23:53:11 +01:00
parent cbe7fd719f
commit a58778311d
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
renew.sh
View File

@@ -98,6 +98,8 @@ if [ -n "$CERT" ] ; then
cp -p "$LOCALDIR/$KEY" "$VMWARE_KEY" cp -p "$LOCALDIR/$KEY" "$VMWARE_KEY"
cp -p "$LOCALDIR/$CRT" "$VMWARE_CRT" cp -p "$LOCALDIR/$CRT" "$VMWARE_CRT"
log "Success: Obtained and installed a certificate from Let's Encrypt." log "Success: Obtained and installed a certificate from Let's Encrypt."
elif openssl x509 -checkend 86400 -noout -in "$VMWARE_CRT"; then
log "Warning: No cert obtained from Let's Encrypt. Keeping the existing one as it is still valid."
else else
log "Error: No cert obtained from Let's Encrypt. Generating a self-signed certificate." log "Error: No cert obtained from Let's Encrypt. Generating a self-signed certificate."
/sbin/generate-certificates /sbin/generate-certificates