1
0
mirror of https://github.com/go-acme/lego.git synced 2025-01-03 15:23:32 +02:00

fix: don't generate ARI cert ID if ARI is not enable (#2138)

This commit is contained in:
Ludovic Fernandez 2024-03-11 00:04:53 +01:00 committed by GitHub
parent 719d26c0fc
commit 19bbefbc8c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -187,11 +187,6 @@ func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *Certif
time.Sleep(sleepTime)
}
replacesCertID, err := certificate.MakeARICertID(cert)
if err != nil {
log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err)
}
request := certificate.ObtainRequest{
Domains: merge(certDomains, domains),
PrivateKey: privateKey,
@ -201,7 +196,13 @@ func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *Certif
Bundle: bundle,
PreferredChain: ctx.String("preferred-chain"),
AlwaysDeactivateAuthorizations: ctx.Bool("always-deactivate-authorizations"),
ReplacesCertID: replacesCertID,
}
if ctx.Bool("ari-enable") {
request.ReplacesCertID, err = certificate.MakeARICertID(cert)
if err != nil {
log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err)
}
}
certRes, err := client.Certificate.Obtain(request)
@ -262,11 +263,6 @@ func renewForCSR(ctx *cli.Context, client *lego.Client, certsStorage *Certificat
timeLeft := cert.NotAfter.Sub(time.Now().UTC())
log.Infof("[%s] acme: Trying renewal with %d hours remaining", domain, int(timeLeft.Hours()))
replacesCertID, err := certificate.MakeARICertID(cert)
if err != nil {
log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err)
}
request := certificate.ObtainForCSRRequest{
CSR: csr,
NotBefore: getTime(ctx, "not-before"),
@ -274,7 +270,13 @@ func renewForCSR(ctx *cli.Context, client *lego.Client, certsStorage *Certificat
Bundle: bundle,
PreferredChain: ctx.String("preferred-chain"),
AlwaysDeactivateAuthorizations: ctx.Bool("always-deactivate-authorizations"),
ReplacesCertID: replacesCertID,
}
if ctx.Bool("ari-enable") {
request.ReplacesCertID, err = certificate.MakeARICertID(cert)
if err != nil {
log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err)
}
}
certRes, err := client.Certificate.ObtainForCSR(request)