upstream/opnsense-plugins
1
0
Fork 0
mirror of https://github.com/opnsense/plugins.git synced 2026-06-04 06:15:39 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix acme operations when using multiple accounts

Browse source 
acme.sh stores some account-related information in
/var/etc/acme-client/home/ca
this leads to "validation failed" messages every time a certificate
with a different account is validated
this is fixed by adding ACCOUNT_JSON_PATH and CA_CONF to account.conf
This commit is contained in:
Alexander Graf 2018-08-14 12:48:13 +02:00
parent b3d0d01bc1
commit c2f44d5dd5
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
View file

@ -319,10 +319,14 @@ function run_acme_account_registration($acctObj, $certObj, $modelObj)
$account_conf_dir = "/var/etc/acme-client/accounts/" . $acctObj->id;
$account_conf_file = $account_conf_dir . "/account.conf";
$account_key_file = $account_conf_dir . "/account.key";
$account_json_file = $account_conf_dir . "/account.json";
$account_ca_file = $account_conf_dir . "/ca.conf";
$acme_conf = array();
$acme_conf[] = "CERT_HOME='/var/etc/acme-client/home'";
$acme_conf[] = "LOG_FILE='/var/log/acme.sh.log'";
$acme_conf[] = "ACCOUNT_KEY_PATH='" . $account_key_file . "'";
$acme_conf[] = "ACCOUNT_JSON_PATH='" . $account_json_file . "'";
$acme_conf[] = "CA_CONF='" . $account_ca_file . "'";
if (!empty((string)$acctObj->email)) {
$acme_conf[] = "ACCOUNT_EMAIL='" . (string)$acctObj->email . "'";
}