From 071d8c4cbef639cb03c53cd0a71104404aa70d04 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 31 Jan 2021 18:15:51 +0100 Subject: [PATCH] Misc fixes for cert / local CA management --- data/hooks/conf_regen/02-ssl | 5 ++++- src/yunohost/certificate.py | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/data/hooks/conf_regen/02-ssl b/data/hooks/conf_regen/02-ssl index 0cb38df7b..e65cfca60 100755 --- a/data/hooks/conf_regen/02-ssl +++ b/data/hooks/conf_regen/02-ssl @@ -27,7 +27,7 @@ regen_local_ca() { rm -f index.txt touch index.txt cp /usr/share/yunohost/templates/ssl/openssl.cnf openssl.ca.cnf - sed -i s/yunohost.org/${domain}/g openssl.ca.cnf + sed -i 's/yunohost.org/${domain}/g' openssl.ca.cnf openssl req -x509 \ -new \ -config openssl.ca.cnf \ @@ -57,6 +57,9 @@ do_init_regen() { chown root:root $LOGFILE chmod 640 $LOGFILE + # Make sure this conf exists + cp /usr/share/yunohost/templates/ssl/openssl.cnf ${ssl_dir}/openssl.ca.cnf + # create default certificates if [[ ! -f "$ynh_ca" ]]; then regen_local_ca yunohost.org >>$LOGFILE diff --git a/src/yunohost/certificate.py b/src/yunohost/certificate.py index 3b941ed62..23903c92c 100644 --- a/src/yunohost/certificate.py +++ b/src/yunohost/certificate.py @@ -641,7 +641,7 @@ def _get_status(domain): valid_up_to = datetime.strptime(cert.get_notAfter().decode('utf-8'), "%Y%m%d%H%M%SZ") days_remaining = (valid_up_to - datetime.utcnow()).days - if cert_issuer == _name_self_CA(): + if cert_issuer == 'yunohost.org' or cert_issuer == _name_self_CA(): CA_type = { "code": "self-signed", "verbose": "Self-signed",