Don't fail authentication when vhost cannot be found

Should fix #677 and #2600.
2026-06-09 00:32:12 -04:00 · 2016-05-02 09:30:32 +03:00 · 2016-05-02 09:30:32 +03:00 · 528a816f70
commit 528a816f70
parent eb56c166d7
1 changed files with 11 additions and 1 deletions
--- a/certbot-apache/certbot_apache/tls_sni_01.py
+++ b/certbot-apache/certbot_apache/tls_sni_01.py
@ -4,6 +4,7 @@ import os
 import logging

 from certbot.plugins import common
+from certbot.errors import PluginError

 from certbot_apache import obj
 from certbot_apache import parser
@ -116,12 +117,21 @@ class ApacheTlsSni01(common.TLSSNI01):

    def _get_addrs(self, achall):
        """Return the Apache addresses needed for TLS-SNI-01."""
-        vhost = self.configurator.choose_vhost(achall.domain, temp=True)
        # TODO: Checkout _default_ rules.
        addrs = set()
        default_addr = obj.Addr(("*", str(
            self.configurator.config.tls_sni_01_port)))

+        try:
+            vhost = self.configurator.choose_vhost(achall.domain, temp=True)
+        except PluginError:
+            # We couldn't find the virtualhost for this domain, possibly
+            # because it's a new vhost that's not configured yet (GH #677),
+            # or perhaps because there were multiple <VirtualHost> sections
+            # in the config file (GH #1042).  See also GH #2600.
+            addrs.add(default_addr)
+            return addrs
+
        for addr in vhost.addrs:
            if "_default_" == addr.get_addr():
                addrs.add(default_addr)