diff --git a/lib/classes/ssl/class.lescript.php b/lib/classes/ssl/class.lescript.php
index 3231a19e..aeb1d973 100644
--- a/lib/classes/ssl/class.lescript.php
+++ b/lib/classes/ssl/class.lescript.php
@@ -30,15 +30,12 @@ class lescript
{
public $license = 'https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf';
- private $webRootDir;
-
private $logger;
private $client;
private $accountKey;
- public function __construct($webRootDir, $logger)
+ public function __construct($logger)
{
- $this->webRootDir = $webRootDir;
$this->logger = $logger;
if (Settings::Get('system.letsencryptca') == 'production') {
$ca = 'https://acme-v01.api.letsencrypt.org';
@@ -103,7 +100,7 @@ class lescript
);
if (!array_key_exists('challenges', $response)) {
- throw new RuntimeException("No challenges received for $domain. Whole response: ".json_encode($response));
+ throw new RuntimeException("No challenges received for $domain. Whole response: ".json_encode($response));
}
// choose http-01 challange only
@@ -117,7 +114,7 @@ class lescript
// 2. saving authentication token for web verification
// ---------------------------------------------------
- $directory = $this->webRootDir.'/.well-known/acme-challenge';
+ $directory = FROXLOR_INSTALL_DIR.'/.well-known/acme-challenge';
$tokenPath = $directory.'/'.$challenge['token'];
if(!file_exists($directory) && !@mkdir($directory, 0755, true)) {
diff --git a/lib/configfiles/gentoo.xml b/lib/configfiles/gentoo.xml
index a6e0b29f..77e0c038 100644
--- a/lib/configfiles/gentoo.xml
+++ b/lib/configfiles/gentoo.xml
@@ -61,6 +61,16 @@
Allow from env=REDIRECT_STATUS
+]]>
+
+
+
+
+ Order allow,deny
+ Allow from all
+
]]>
@@ -81,6 +91,15 @@
Require env REDIRECT_STATUS
+]]>
+
+
+
+
+ Require all granted
+
]]>
@@ -147,7 +166,10 @@ fastcgi.server = (
"bin-copy-environment" => ( "" )
)
)
-)
+)
+
+alias.url += ("/.well-known/acme-challenge/" => "{{const.FROXLOR_INSTALL_DIR}}/.well-known/acme-challenge/")
+
]]>
@@ -237,6 +259,18 @@ fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
+]]>
+
+
+
+
diff --git a/lib/configfiles/jessie.xml b/lib/configfiles/jessie.xml
index e75bbb41..53c6e96d 100644
--- a/lib/configfiles/jessie.xml
+++ b/lib/configfiles/jessie.xml
@@ -64,6 +64,15 @@
Require env REDIRECT_STATUS
+]]>
+
+
+
+
+ Require all granted
+
]]>
@@ -98,6 +107,8 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
+alias.url += ("/.well-known/acme-challenge/" => "{{const.FROXLOR_INSTALL_DIR}}/.well-known/acme-challenge/")
+
# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
@@ -269,6 +280,18 @@ fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
+]]>
+
+
+
+
diff --git a/lib/configfiles/precise.xml b/lib/configfiles/precise.xml
index 460882fa..8ab43b2d 100644
--- a/lib/configfiles/precise.xml
+++ b/lib/configfiles/precise.xml
@@ -62,6 +62,16 @@
Allow from env=REDIRECT_STATUS
+]]>
+
+
+
+
+ Order allow,deny
+ Allow from all
+
]]>
@@ -126,6 +136,8 @@ fastcgi.server = (
)
)
+alias.url += ("/.well-known/acme-challenge/" => "{{const.FROXLOR_INSTALL_DIR}}/.well-known/acme-challenge/")
+
#### external configuration files
## mimetype mapping
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
@@ -227,6 +239,18 @@ fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
+]]>
+
+
+
+
diff --git a/lib/configfiles/rhel_centos.xml b/lib/configfiles/rhel_centos.xml
index a01a7aeb..3bc93d28 100644
--- a/lib/configfiles/rhel_centos.xml
+++ b/lib/configfiles/rhel_centos.xml
@@ -47,6 +47,15 @@
//service[@type='http']/general/commands
+
+
+ Require all granted
+
+]]>
+
+
diff --git a/lib/configfiles/trusty.xml b/lib/configfiles/trusty.xml
index a4ef51f5..af6fec92 100644
--- a/lib/configfiles/trusty.xml
+++ b/lib/configfiles/trusty.xml
@@ -82,6 +82,15 @@
Require env REDIRECT_STATUS
+]]>
+
+
+
+
+ Require all granted
+
]]>
@@ -146,6 +155,8 @@ fastcgi.server = (
)
)
+alias.url += ("/.well-known/acme-challenge/" => "{{const.FROXLOR_INSTALL_DIR}}/.well-known/acme-challenge/")
+
#### external configuration files
## mimetype mapping
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
@@ -247,6 +258,18 @@ fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
+]]>
+
+
+
+
diff --git a/lib/configfiles/wheezy.xml b/lib/configfiles/wheezy.xml
index 531453c0..95d19d9e 100644
--- a/lib/configfiles/wheezy.xml
+++ b/lib/configfiles/wheezy.xml
@@ -82,6 +82,15 @@
Require env REDIRECT_STATUS
+]]>
+
+
+
+
+ Require all granted
+
]]>
@@ -116,6 +125,8 @@ static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
+alias.url += ("/.well-known/acme-challenge/" => "{{const.FROXLOR_INSTALL_DIR}}/.well-known/acme-challenge/")
+
# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
@@ -287,6 +298,18 @@ fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
+]]>
+
+
+
+
diff --git a/scripts/jobs/cron_letsencrypt.php b/scripts/jobs/cron_letsencrypt.php
index 2ea8c8ce..b97afe38 100644
--- a/scripts/jobs/cron_letsencrypt.php
+++ b/scripts/jobs/cron_letsencrypt.php
@@ -68,7 +68,7 @@ while ($certrow = $certificates_stmt->fetch(PDO::FETCH_ASSOC)) {
try {
// Initialize Lescript with documentroot
- $le = new lescript($certrow['documentroot'], $cronlog);
+ $le = new lescript($cronlog);
// Initialize Lescript
$le->initAccount($certrow);