From c54f154ea61cc5ada3cc8d1497da676a125d7be9 Mon Sep 17 00:00:00 2001
From: Seth Schoen <schoen@eff.org>
Date: Thu, 25 Jun 2015 18:12:45 -0700
Subject: [PATCH 1/2] Try to renew certs before trying to deploy them

---
 letsencrypt/renewer.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/letsencrypt/renewer.py b/letsencrypt/renewer.py
index d2c0b8e7d..3c6fbc971 100644
--- a/letsencrypt/renewer.py
+++ b/letsencrypt/renewer.py
@@ -166,11 +166,6 @@ def main(config=None, args=sys.argv[1:]):
             # user about the existence of an invalid or corrupt renewal
             # config rather than simply ignoring it.
             continue
-        if cert.should_autodeploy():
-            cert.update_all_links_to(cert.latest_common_version())
-            # TODO: restart web server (invoke IInstaller.restart() method)
-            notify.notify("Autodeployed a cert!!!", "root", "It worked!")
-            # TODO: explain what happened
         if cert.should_autorenew():
             # Note: not cert.current_version() because the basis for
             # the renewal is the latest version, even if it hasn't been
@@ -179,3 +174,8 @@ def main(config=None, args=sys.argv[1:]):
             renew(cert, old_version)
             notify.notify("Autorenewed a cert!!!", "root", "It worked!")
             # TODO: explain what happened
+        if cert.should_autodeploy():
+            cert.update_all_links_to(cert.latest_common_version())
+            # TODO: restart web server (invoke IInstaller.restart() method)
+            notify.notify("Autodeployed a cert!!!", "root", "It worked!")
+            # TODO: explain what happened

From fbb0058bcd855a6cca687e9a6cacf79097d3fd98 Mon Sep 17 00:00:00 2001
From: Seth Schoen <schoen@eff.org>
Date: Thu, 25 Jun 2015 18:15:59 -0700
Subject: [PATCH 2/2] Enable renewer test that was failing

---
 tests/boulder-integration.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/boulder-integration.sh b/tests/boulder-integration.sh
index c3cc49c70..655d7f476 100755
--- a/tests/boulder-integration.sh
+++ b/tests/boulder-integration.sh
@@ -43,5 +43,5 @@ for x in cert chain fullchain privkey;
 do
     latest="$(ls -1t $dir/ | grep -e "^${x}" | head -n1)"
     live="$(readlink -f "$root/conf/live/le.wtf/${x}.pem")"
-    #[ "${dir}/${latest}" = "$live" ]  # renewer fails this test
+    [ "${dir}/${latest}" = "$live" ]
 done