diff --git a/data/Dockerfiles/acme/docker-entrypoint.sh b/data/Dockerfiles/acme/docker-entrypoint.sh
index 78b523484..780b88b9f 100755
--- a/data/Dockerfiles/acme/docker-entrypoint.sh
+++ b/data/Dockerfiles/acme/docker-entrypoint.sh
@@ -149,7 +149,7 @@ verify_challenge_path(){
 [[ ! -f ${ACME_BASE}/dhparams.pem ]] && cp ${SSL_EXAMPLE}/dhparams.pem ${ACME_BASE}/dhparams.pem
-if [[ -f ${ACME_BASE}/cert.pem ]] && [[ -f ${ACME_BASE}/key.pem ]]; then
+if [[ -f ${ACME_BASE}/cert.pem ]] && [[ -f ${ACME_BASE}/key.pem ]] && [[ $(stat -c%s ${ACME_BASE}/cert.pem) != 0 ]]; then
 ISSUER=$(openssl x509 -in ${ACME_BASE}/cert.pem -noout -issuer)
 if [[ ${ISSUER} != *"Let's Encrypt"* && ${ISSUER} != *"mailcow"* && ${ISSUER} != *"Fake LE Intermediate"* ]]; then
 log_f "Found certificate with issuer other than mailcow snake-oil CA and Let's Encrypt, skipping ACME client..."
diff --git a/docker-compose.yml b/docker-compose.yml
index b28605199..5341f4ebc 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -307,7 +307,7 @@ services:
 acme-mailcow:
 depends_on:
 - nginx-mailcow
- image: mailcow/acme:1.52
+ image: mailcow/acme:1.53
 build: ./data/Dockerfiles/acme
 dns:
 - ${IPV4_NETWORK:-172.22.1}.254
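Review bot: In the docker-entrypoint.sh hunk, the size test added to the `if` line only catches a zero-byte cert.pem. A truncated or otherwise unparsable non-empty file still enters the branch: `openssl x509` fails, `ISSUER` stays empty, and the empty string satisfies all three `!=` comparisons, so the script logs a foreign issuer and, judging by that message, skips the ACME client. Gating on a successful parse would cover both cases, e.g. `openssl x509 -in "${ACME_BASE}/cert.pem" -noout >/dev/null 2>&1`. If only emptiness is meant, the built-in `[[ -s "${ACME_BASE}/cert.pem" ]]` avoids the subshell and the unquoted path inside `$(stat …)`. key.pem gets no equivalent check, and the body of the `if` continues outside the hunk.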