Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LetsEncrypt add/remove domain to cert #72

Open
Polichronucci opened this issue Jul 7, 2016 · 1 comment
Open

LetsEncrypt add/remove domain to cert #72

Polichronucci opened this issue Jul 7, 2016 · 1 comment
Labels
enhancement

Comments

@Polichronucci
Copy link

The pki-realm script support renewal of scripts that are about to expire, but if I modify the configuration of a certificate it wont update the certificate. Right now only deletion of the whole realm directory works.

A check like the following could do the check and then remove the keys like the pki-realm script already does upon cert expiration.

cur_san=$(openssl x509 -in public/cert.pem -noout -text |awk '/X509v3 Subject Alternative Name:/{ P=1; next } /X509v3 Certificate Policies:/ {exit} P' | sed 's/ //g' |tr ',' '\n' |sed 's/DNS://' |sort) 
new_san=$(grep 'DNS.' acme/openssl.conf |cut -d= -f2 |sed 's/ //g' |sort)
diff $cur_san $new_san
@drybjed
Copy link
Member

drybjed commented Jul 8, 2016

Thanks! I'll check it out and try to imlement automatic update of the domains, for all authorities if possible. This should be very useful. :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@drybjed @Polichronucci