Merge pull request #2313 from zauguin/master

Fix multiple snakeoil certs for nginx
2026-05-28 04:34:11 -04:00 · 2016-01-29 14:18:45 -08:00 · 2016-01-29 14:18:45 -08:00 · fd1ebb2d9f
commit fd1ebb2d9f
parent 95061b8487 5289420692
2 changed files with 4 additions and 4 deletions
--- a/letsencrypt-nginx/letsencrypt_nginx/configurator.py
+++ b/letsencrypt-nginx/letsencrypt_nginx/configurator.py
@ -310,10 +310,10 @@ class NginxConfigurator(common.Plugin):
        key = OpenSSL.crypto.load_privatekey(
            OpenSSL.crypto.FILETYPE_PEM, le_key.pem)
        cert = acme_crypto_util.gen_ss_cert(key, domains=[socket.gethostname()])
-        cert_path = os.path.join(tmp_dir, "cert.pem")
        cert_pem = OpenSSL.crypto.dump_certificate(
            OpenSSL.crypto.FILETYPE_PEM, cert)
-        with open(cert_path, 'w') as cert_file:
+        cert_file, cert_path = le_util.unique_file(os.path.join(tmp_dir, "cert.pem"))
+        with cert_file:
            cert_file.write(cert_pem)
        return cert_path, le_key.file

--- a/letsencrypt/crypto_util.py
+++ b/letsencrypt/crypto_util.py
@ -53,8 +53,8 @@ def init_save_key(key_size, key_dir, keyname="key-letsencrypt.pem"):
                               config.strict_permissions)
    key_f, key_path = le_util.unique_file(
        os.path.join(key_dir, keyname), 0o600)
-    key_f.write(key_pem)
-    key_f.close()
+    with key_f:
+        key_f.write(key_pem)

    logger.info("Generating key (%d bits): %s", key_size, key_path)