add field for fullchain to be stored in ssl-certificates-table; create fullchain file if given (it's not used by froxlor); do not generate/renew certificates for disabled customers domains

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2018-02-25 18:22:15 +01:00
parent d5b9ad3452
commit 2b366c8f23
6 changed files with 22 additions and 2 deletions
--- a/scripts/jobs/cron_letsencrypt.php
+++ b/scripts/jobs/cron_letsencrypt.php
@@ -60,6 +60,7 @@ $certificates_stmt = Database::query("
 				dom.`id` = domssl.`domainid`
 		WHERE
 			dom.`customerid` = cust.`customerid`
+			AND cust.deactivated = 0
 			AND dom.`letsencrypt` = 1
 			AND dom.`aliasdomain` IS NULL
 			AND dom.`iswildcarddomain` = 0
@@ -92,6 +93,7 @@ $updcert_stmt = Database::prepare("
 			`ssl_ca_file` = :ca,
 			`ssl_cert_chainfile` = :chain,
 			`ssl_csr_file` = :csr,
+			`ssl_fullchain_file` = :fullchain,
 			`expirationdate` = :expirationdate
 	");

@@ -182,6 +184,7 @@ if (Settings::Get('system.le_froxlor_enabled') == '1') {
 				'ca' => $return['chain'],
 				'chain' => $return['chain'],
 				'csr' => $return['csr'],
+				'fullchain' => $return['fullchain'],
 				'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
 			));