diff --git a/letsencrypt-apache/letsencrypt_apache/configurator.py b/letsencrypt-apache/letsencrypt_apache/configurator.py index eb8268e33..ecb6fe09a 100644 --- a/letsencrypt-apache/letsencrypt_apache/configurator.py +++ b/letsencrypt-apache/letsencrypt_apache/configurator.py @@ -192,39 +192,51 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator): path["cert_path"] = self.parser.find_dir( "SSLCertificateFile", None, vhost.path) - path["cert_key"] = self.parser.find_dir( - "SSLCertificateKeyFile", None, vhost.path) # Only include if a certificate chain is specified if chain_path is not None: path["chain_path"] = self.parser.find_dir( "SSLCertificateChainFile", None, vhost.path) - if not path["cert_path"] or not path["cert_key"]: + if not path["cert_path"]: # Throw some can't find all of the directives error" logger.warn( - "Cannot find a cert or key directive in %s. " + "Cannot find a cert directive in %s. " "VirtualHost was not modified", vhost.path) # Presumably break here so that the virtualhost is not modified raise errors.PluginError( - "Unable to find cert and/or key directives") + "Unable to find cert directive") logger.info("Deploying Certificate to VirtualHost %s", vhost.filep) # Assign the final directives; order is maintained in find_dir if self.version >= (2, 4, 8): + logger.debug("Apache version (%s) is >= 2.4.8", + ".".join(map(str,self.version))) + set_cert_path = fullchain_path + logger.debug(fullchain_path) + logger.debug(path["cert_path"][-1]) self.aug.set(path["cert_path"][-1], fullchain_path) elif self.version < (2, 4, 8): + logger.debug("Apache version (%s) is < 2.4.8", + ".".join(map(str,self.version))) + set_cert_path = cert_path self.aug.set(path["cert_path"][-1], cert_path) - self.aug.set(path["chain_path"][-1], chain_path) + if not path["chain_path"]: + self.parser.add_dir(vhost.path, + "SSLCertificateChainFile", chain_path) + else: + self.aug.set(path["chain_path"][-1], chain_path) + + with open("%s/sites-available/%s" % (self.parser.root, os.path.basename(vhost.filep))) as f: + logger.debug(f.read()) # Save notes about the transaction that took place self.save_notes += ("Changed vhost at %s with addresses of %s\n" - "\tSSLCertificateFile %s\n" - "\tSSLCertificateKeyFile %s\n" % + "\tSSLCertificateFile %s\n" % (vhost.filep, ", ".join(str(addr) for addr in vhost.addrs), - cert_path, key_path)) + set_cert_path)) if chain_path is not None: self.save_notes += "\tSSLCertificateChainFile %s\n" % chain_path @@ -573,7 +585,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator): self._update_ssl_vhosts_addrs(vh_p) # Remove existing SSL directives - logging.info("Removing existing SSL directives") + logger.info("Removing existing SSL directives") self._remove_existing_ssl_directives(vh_p) # Add directives @@ -657,8 +669,6 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator): def _add_dummy_ssl_directives(self, vh_path): self.parser.add_dir(vh_path, "SSLCertificateFile", "insert_cert_file_path") - self.parser.add_dir(vh_path, "SSLCertificateKeyFile", - "insert_key_file_path") self.parser.add_dir(vh_path, "Include", self.mod_ssl_conf) def _add_name_vhost_if_necessary(self, vhost):