upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-06-06 15:22:38 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

fix it

Browse source
This commit is contained in:
Brad Warren 2020-08-27 11:01:21 -07:00
parent 2a047eb526
commit f18117c839
1 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
certbot/certbot/_internal/renewal.py
View file

@ -316,7 +316,14 @@ def renew_cert(config, domains, le_client, lineage):
domains = lineage.names()
# The private key is the existing lineage private key if reuse_key is set.
# Otherwise, generate a fresh private key by passing None.
new_key = os.path.normpath(lineage.privkey) if config.reuse_key else None
if config.reuse_key:
new_key = os.path.normpath(lineage.privkey)
# Rather than doing this, I think we probably want to actually inspect
# the key since https://github.com/certbot/certbot/issues/7694 shows
# that the current value may not be reliable.
config.rsa_key_size = renewal_params.get("rsa_key_size", cli.flag_default("rsa_key_size"))
else:
new_key = None
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
if config.dry_run:
logger.debug("Dry run: skipping updating lineage at %s",