
Remove redundant cert loading, use fullchain by default

Helmut Pozimski 11 months ago
parent
commit
3de51b7ebb
3 changed files with 3 additions and 14 deletions
  1. 1 2
      amulib/apache.py
  2. 0 9
      amulib/cert_path_provider.py
  3. 2 3
      amulib/service.py

+ 1 - 2
amulib/apache.py

@@ -67,10 +67,9 @@ def run(cert_path_provider: CertPathProvider, config=None,
             x509_current_cert = OpenSSL.crypto.load_certificate(
                 OpenSSL.crypto.FILETYPE_PEM, cert_text)
             if "Let's Encrypt" in x509_current_cert.get_issuer().__str__():
-                cert_path = cert_path_provider.provide_cert_path(entry[0])
                 fullchain_path = cert_path_provider.provide_fullchain_path(entry[0])
                 try:
-                    with open(cert_path, "r") as acme_cert_file:
+                    with open(fullchain_path, "r") as acme_cert_file:
                         acme_cert_text = acme_cert_file.read()
                 except IOError:
                     LOGGER.error("Could not open certificate for %s in acme "
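Review bot: `fullchain_path` can be `None` at the `open(fullchain_path, "r")` call, because `GetSslCertPathProvider.provide_fullchain_path` (visible in the amulib/cert_path_provider.py section) calls `self._join_paths(fqdn, "fullchain.crt")` without returning the result. `open(None, "r")` raises `TypeError`, which the `except IOError` below does not catch, so the run aborts with a traceback instead of logging the error. The same applies to `open(acme_fullchain_path, "r")` in amulib/service.py. Now that the fullchain path is the only one used, that method should read `return self._join_paths(fqdn, "fullchain.crt")`. The body of `run` continues outside this hunk.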

+ 0 - 9
amulib/cert_path_provider.py

@@ -10,9 +10,6 @@ from abc import ABC, abstractmethod
 
 
 class CertPathProvider(ABC):
-    @abstractmethod
-    def provide_cert_path(self, fqdn: str) -> ntpath:
-        pass
 
     @abstractmethod
     def provide_fullchain_path(self, fqdn: str) -> ntpath:
@@ -33,9 +30,6 @@ class AcmeToolCertPathProvider(CertPathProvider):
     def _join_paths(self, fqdn: str, file_name: str) -> ntpath:
         return os.path.join(self._acme_dir, "live", fqdn, file_name)
 
-    def provide_cert_path(self, fqdn: str) -> ntpath:
-        return self._join_paths(fqdn, "cert")
-
     def provide_fullchain_path(self, fqdn: str) -> ntpath:
         return self._join_paths(fqdn, "fullchain")
 
@@ -47,9 +41,6 @@ class GetSslCertPathProvider(CertPathProvider):
     def _join_paths(self, fqdn: str, file_name: str) -> ntpath:
         return os.path.join(self._acme_dir, fqdn, file_name)
 
-    def provide_cert_path(self, fqdn: str) -> ntpath:
-        self._join_paths(fqdn, fqdn + ".crt")
-
     def provide_fullchain_path(self, fqdn: str) -> ntpath:
         self._join_paths(fqdn, "fullchain.crt")
 

+ 2 - 3
amulib/service.py

@@ -54,11 +54,10 @@ def run(cert_path_provider: CertPathProvider, service_name, config,
         )
         cert_alt_names = helpers.get_subject_alt_name(current_cert)
         fqdn = cert_alt_names[0]
-        acme_cert_path = cert_path_provider.provide_cert_path(fqdn)
         acme_fullchain_path = cert_path_provider.provide_fullchain_path(fqdn)
-        if helpers.check_renewal(current_cert, acme_cert_path):
+        if helpers.check_renewal(current_cert, acme_fullchain_path):
             try:
-                with open(acme_cert_path, "r") as acme_cert_file:
+                with open(acme_fullchain_path, "r") as acme_cert_file:
                     acme_cert_text = acme_cert_file.read()
             except IOError:
                 LOGGER.error("Error while opening new %s "
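Review bot: `acme_cert_text` now holds the leaf certificate followed by the intermediates, and `helpers.check_renewal` now receives a multi-certificate PEM file, but nothing at the call site says so. The same goes for the `open(fullchain_path, "r")` read in amulib/apache.py. `helpers.check_renewal` is not shown here, so it should be confirmed that it inspects only the first certificate in the file, and that whatever later consumes `acme_cert_text` expects a chain rather than a single certificate. I would rename `acme_cert_file`/`acme_cert_text` to `acme_chain_file`/`acme_chain_text`, or add `# fullchain: leaf certificate first, then intermediates` above the `open`. `run` starts and ends outside this hunk.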