diff --git a/install/froxlor.sql b/install/froxlor.sql index 870e30d4..0876cffd 100644 --- a/install/froxlor.sql +++ b/install/froxlor.sql @@ -688,7 +688,7 @@ opcache.interned_strings_buffer'), ('panel', 'password_special_char', '!?<>ยง$%+#=@'), ('panel', 'customer_hide_options', ''), ('panel', 'version', '0.9.39.5'), - ('panel', 'db_version', '201802130'); + ('panel', 'db_version', '201802250'); DROP TABLE IF EXISTS `panel_tasks`; @@ -1004,6 +1004,7 @@ CREATE TABLE IF NOT EXISTS `domain_ssl_settings` ( `ssl_ca_file` mediumtext, `ssl_cert_chainfile` mediumtext, `ssl_csr_file` mediumtext, + `ssl_fullchain_file` mediumtext, `expirationdate` datetime DEFAULT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci; diff --git a/install/updates/froxlor/0.9/update_0.9.inc.php b/install/updates/froxlor/0.9/update_0.9.inc.php index 0abab0fe..0e9c09e6 100644 --- a/install/updates/froxlor/0.9/update_0.9.inc.php +++ b/install/updates/froxlor/0.9/update_0.9.inc.php @@ -3939,3 +3939,12 @@ if (isFroxlorVersion('0.9.39.4')) { showUpdateStep("Updating from 0.9.39.4 to 0.9.39.5", false); updateToVersion('0.9.39.5'); } + +if (isDatabaseVersion('201802130')) { + + showUpdateStep("Adding fullchain field to ssl certificates"); + Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` ADD `ssl_fullchain_file` mediumtext AFTER `ssl_csr_file`;"); + lastStepStatus(0); + + updateToDbVersion('201802250'); +} diff --git a/lib/classes/webserver/class.DomainSSL.php b/lib/classes/webserver/class.DomainSSL.php index 82ae9fcd..73399bfa 100644 --- a/lib/classes/webserver/class.DomainSSL.php +++ b/lib/classes/webserver/class.DomainSSL.php @@ -89,6 +89,10 @@ class DomainSSL { $ssl_files['ssl_cert_chainfile'] = makeCorrectFile($sslcertpath.'/'.$domain['domain'].'_chain.pem'); } } + // will only be generated to be used externally, froxlor does not need this + if ($dom_certs['ssl_fullchain_file'] != '') { + $ssl_files['ssl_fullchain_file'] = makeCorrectFile($sslcertpath.'/'.$domain['domain'].'_fullchain.pem'); + } // create them on the filesystem foreach ($ssl_files as $type => $filename) { if ($filename != '') { diff --git a/lib/version.inc.php b/lib/version.inc.php index 49935fb7..9ad32b3a 100644 --- a/lib/version.inc.php +++ b/lib/version.inc.php @@ -19,7 +19,7 @@ $version = '0.9.39.5'; // Database version (YYYYMMDDC where C is a daily counter) -$dbversion = '201802130'; +$dbversion = '201802250'; // Distribution branding-tag (used for Debian etc.) $branding = ''; diff --git a/scripts/jobs/cron_letsencrypt.php b/scripts/jobs/cron_letsencrypt.php index b25b9a8d..98ee24ce 100644 --- a/scripts/jobs/cron_letsencrypt.php +++ b/scripts/jobs/cron_letsencrypt.php @@ -60,6 +60,7 @@ $certificates_stmt = Database::query(" dom.`id` = domssl.`domainid` WHERE dom.`customerid` = cust.`customerid` + AND cust.deactivated = 0 AND dom.`letsencrypt` = 1 AND dom.`aliasdomain` IS NULL AND dom.`iswildcarddomain` = 0 @@ -92,6 +93,7 @@ $updcert_stmt = Database::prepare(" `ssl_ca_file` = :ca, `ssl_cert_chainfile` = :chain, `ssl_csr_file` = :csr, + `ssl_fullchain_file` = :fullchain, `expirationdate` = :expirationdate "); @@ -182,6 +184,7 @@ if (Settings::Get('system.le_froxlor_enabled') == '1') { 'ca' => $return['chain'], 'chain' => $return['chain'], 'csr' => $return['csr'], + 'fullchain' => $return['fullchain'], 'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t']) )); diff --git a/scripts/jobs/cron_letsencrypt_v2.php b/scripts/jobs/cron_letsencrypt_v2.php index 6b1148d3..6e27361b 100644 --- a/scripts/jobs/cron_letsencrypt_v2.php +++ b/scripts/jobs/cron_letsencrypt_v2.php @@ -55,6 +55,7 @@ $certificates_stmt = Database::query(" dom.`id` = domssl.`domainid` WHERE dom.`customerid` = cust.`customerid` + AND cust.deactivated = 0 AND dom.`letsencrypt` = 1 AND dom.`aliasdomain` IS NULL AND dom.`iswildcarddomain` = 0 @@ -88,6 +89,7 @@ $updcert_stmt = Database::prepare(" `ssl_ca_file` = :ca, `ssl_cert_chainfile` = :chain, `ssl_csr_file` = :csr, + `ssl_fullchain_file` = :fullchain, `expirationdate` = :expirationdate "); @@ -178,6 +180,7 @@ if (Settings::Get('system.le_froxlor_enabled') == '1') { 'ca' => $return['chain'], 'chain' => $return['chain'], 'csr' => $return['csr'], + 'fullchain' => $return['fullchain'], 'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t']) ));