Cert bugfix

yunohost_domain.py

@@ -68,6 +68,28 @@ def domain_add(domains, web=False):
             domains = [ domains ]
 
         for domain in domains:
+            ssl_dir = '/usr/share/yunohost/yunohost-config/ssl/yunoCA'
+            ssl_domain_path  = '/etc/yunohost/certs/'+ domain
+            with open(ssl_dir +'/serial', 'r') as f:
+                serial = f.readline().rstrip()
+            try: os.listdir(ssl_domain_path)
+            except OSError: os.makedirs(ssl_domain_path)
+
+            command_list = [
+                'cp '+ ssl_dir +'/openssl.cnf '+ ssl_domain_path,
+                'sed -i "s/yunohost.org/' + domain + '/g" '+ ssl_domain_path +'/openssl.cnf',
+                'openssl req -new -config '+ ssl_domain_path +'/openssl.cnf -days 3650 -out '+ ssl_dir +'/certs/yunohost_csr.pem -keyout '+ ssl_dir +'/certs/yunohost_key.pem -nodes -batch',
+                'openssl ca -config '+ ssl_domain_path +'/openssl.cnf -days 3650 -in '+ ssl_dir +'/certs/yunohost_csr.pem -out '+ ssl_dir +'/certs/yunohost_crt.pem -batch',
+                'ln -s /etc/ssl/certs/ca-yunohost_crt.pem   '+ ssl_domain_path +'/ca.pem',
+                'cp '+ ssl_dir +'/certs/yunohost_key.pem    '+ ssl_domain_path +'/key.pem',
+                'cp '+ ssl_dir +'/newcerts/'+ serial +'.pem '+ ssl_domain_path +'/crt.pem',
+                'chmod 600 '+ ssl_domain_path +'/key.pem'
+            ]
+
+            for command in command_list:
+                if os.system(command) != 0:
+                    raise YunoHostError(17, _("An error occurred during certificate generation"))
+
             if web:
                 lemon_configuration({
                     ('exportedHeaders', domain, 'Auth-User'): '$uid',
@@ -130,28 +152,6 @@ def domain_add(domains, web=False):
 
             os.system('service bind9 reload')
 
-            ssl_dir = '/usr/share/yunohost/yunohost-config/ssl/yunoCA'
-            ssl_domain_path  = '/etc/yunohost/certs/'+ domain
-            with open(ssl_dir +'/serial', 'r') as f:
-                serial = f.readline().rstrip()
-            try: os.listdir(ssl_domain_path)
-            except OSError: os.makedirs(ssl_domain_path)
-
-            command_list = [
-                'cp '+ ssl_dir +'/openssl.cnf '+ ssl_domain_path,
-                'sed -i "s/yunohost.org/' + domain + '/g" '+ ssl_domain_path +'/openssl.cnf',
-                'openssl req -new -config '+ ssl_domain_path +'/openssl.cnf -days 3650 -out '+ ssl_dir +'/certs/yunohost_csr.pem -keyout '+ ssl_dir +'/certs/yunohost_key.pem -nodes -batch',
-                'openssl ca -config '+ ssl_domain_path +'/openssl.cnf -days 3650 -in '+ ssl_dir +'/certs/yunohost_csr.pem -out '+ ssl_dir +'/certs/yunohost_crt.pem -batch',
-                'ln -s /etc/ssl/certs/ca-yunohost_crt.pem   '+ ssl_domain_path +'/ca.pem',
-                'cp '+ ssl_dir +'/certs/yunohost_key.pem    '+ ssl_domain_path +'/key.pem',
-                'cp '+ ssl_dir +'/newcerts/'+ serial +'.pem '+ ssl_domain_path +'/crt.pem',
-                'chmod 600 '+ ssl_domain_path +'/key.pem'
-            ]
-
-            for command in command_list:
-                if os.system(command) != 0:
-                    raise YunoHostError(17, _("An error occurred during certificate generation"))
-
             if yldap.add('virtualdomain=' + domain + ',ou=domains', attr_dict):
                 result.append(domain)
                 continue

yunohost_tools.py

@@ -130,6 +130,8 @@ def tools_maindomain(old_domain, new_domain):
             lemon_conf.write(line + '\n')
 
     os.system('rm /etc/yunohost/apache/domains/' + old_domain + '.d/*.fixed.conf') # remove SSO apache conf dir from old domain conf (fail if postinstall)
+    os.system('rm /etc/ssl/private/yunohost_key.pem')
+    os.system('rm /etc/ssl/certs/yunohost_crt.pem')
 
     command_list = [
         'cp /etc/yunohost/apache/templates/sso.fixed.conf   /etc/yunohost/apache/domains/' + new_domain + '.d/sso.fixed.conf', # add SSO apache conf dir to new domain conf