crypt/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-01-26 07:41:33 +03:00
Code Activity

Better fix for options-ssl.conf requirement

Browse Source
This commit is contained in:
James Kasten
2014-11-21 03:18:37 -08:00
parent ad2078df37
commit 971441fe2f
1 changed files with 5 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
letsencrypt/client/apache_configurator.py
View File

@@ -6,6 +6,7 @@ import sys
import socket
import time
import shutil
from pkg_resources import Requirement, resource_filename
from letsencrypt.client.CONFIG import SERVER_ROOT, BACKUP_DIR
from letsencrypt.client.CONFIG import REWRITE_HTTPS_ARGS, CONFIG_DIR, WORK_DIR
@@ -19,6 +20,8 @@ import binascii, hashlib
from Crypto import Random
from letsencrypt.client.CONFIG import S_SIZE, APACHE_CHALLENGE_CONF, INVALID_EXT
options_ssl_conf = resource_filename(__name__, os.basename(OPTIONS_SSL_CONF))
#from CONFIG import SERVER_ROOT, BACKUP_DIR, REWRITE_HTTPS_ARGS, CONFIG_DIR,
#from CONFIG import WORK_DIR, TEMP_CHECKPOINT_DIR, IN_PROGRESS_DIR, OPTIONS_SSL_CONF, LE_VHOST_EXT
#import logger, le_util
@@ -619,7 +622,7 @@ class ApacheConfigurator(augeas_configurator.AugeasConfigurator):
self.add_dir(vh_p[0], "SSLCertificateFile", "/etc/ssl/certs/ssl-cert-snakeoil.pem")
self.add_dir(vh_p[0], "SSLCertificateKeyFile", "/etc/ssl/private/ssl-cert-snakeoil.key")
self.add_dir(vh_p[0], "Include", OPTIONS_SSL_CONF)
self.add_dir(vh_p[0], "Include", options_ssl_conf)
# Log actions and create save notes
logger.info("Created an SSL vhost at %s" % ssl_fp)
@@ -1156,7 +1159,7 @@ SSLStrictSNIVHostCheck on \n \
\n \
LimitRequestBody 1048576 \n \
\n \
Include " + OPTIONS_SSL_CONF + " \n \
Include " + options_ssl_conf + " \n \
SSLCertificateFile " + self.dvsni_get_cert_file(nonce) + " \n \
SSLCertificateKeyFile " + key + " \n \
\n \
@@ -1177,11 +1180,6 @@ DocumentRoot " + CONFIG_DIR + "challenge_page/ \n \
result: Apache config includes virtual servers for issued challenges
"""
# Check to make sure options-ssl.conf is installed
if not os.path.isfile(OPTIONS_SSL_CONF):
shutil.copyfile("letsencrypt/client/%s" % os.path.basename(OPTIONS_SSL_CONF), OPTIONS_SSL_CONF)
# TODO: Use ip address of existing vhost instead of relying on FQDN
configText = "<IfModule mod_ssl.c> \n"
for idx, lis in enumerate(listlistAddrs):