From 874a4c6773c6b21b986835340f4de2e3d94be1f8 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Thu, 11 Jan 2018 13:35:16 -0800 Subject: [PATCH] select an http block instead of https --- certbot-nginx/certbot_nginx/configurator.py | 20 ++++++++++++++++++-- certbot-nginx/certbot_nginx/http_01.py | 3 ++- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/certbot-nginx/certbot_nginx/configurator.py b/certbot-nginx/certbot_nginx/configurator.py index a6157132e..f5b231ba3 100644 --- a/certbot-nginx/certbot_nginx/configurator.py +++ b/certbot-nginx/certbot_nginx/configurator.py @@ -368,7 +368,7 @@ class NginxConfigurator(common.Installer): return sorted(matches, key=lambda x: x['rank']) - def choose_redirect_vhost(self, target_name, port): + def choose_redirect_vhost(self, target_name, port, create_if_no_match=False): """Chooses a single virtual host for redirect enhancement. Chooses the vhost most closely matching target_name that is @@ -382,12 +382,28 @@ class NginxConfigurator(common.Installer): :param str target_name: domain name :param str port: port number + :param bool create_if_no_match: If we should create a new vhost from default + when there is no match found. If we can't choose a default, raise a + MisconfigurationError. + :returns: vhost associated with name :rtype: :class:`~certbot_nginx.obj.VirtualHost` """ matches = self._get_redirect_ranked_matches(target_name, port) - return self._select_best_name_match(matches) + vhost = self._select_best_name_match(matches) + if not vhost: + if create_if_no_match: + vhost = self._vhost_from_duplicated_default(target_name) + else: + # No matches. Raise a misconfiguration error. + raise errors.MisconfigurationError( + ("Cannot find a VirtualHost matching domain %s. " + "In order for Certbot to correctly perform the challenge " + "please add a corresponding server_name directive to your " + "nginx configuration: " + "https://nginx.org/en/docs/http/server_names.html") % (target_name)) + return vhost def _get_redirect_ranked_matches(self, target_name, port): """Gets a ranked list of plaintextish port-listening vhosts matching target_name diff --git a/certbot-nginx/certbot_nginx/http_01.py b/certbot-nginx/certbot_nginx/http_01.py index 7cbd239cc..4f565f2ca 100644 --- a/certbot-nginx/certbot_nginx/http_01.py +++ b/certbot-nginx/certbot_nginx/http_01.py @@ -93,7 +93,8 @@ class NginxHttp01(common.ChallengePerformer): :class:`certbot.achallenges.KeyAuthorizationAnnotatedChallenge` """ - vhost = self.configurator.choose_vhost(achall.domain, create_if_no_match=True) + vhost = self.configurator.choose_redirect_vhost(achall.domain, + self.configurator.config.http01_port, create_if_no_match=True) validation = achall.validation(achall.account_key) validation_path = self._get_validation_path(achall)