From: David Yang <redacted>
Date: Mon, 27 Apr 2020 01:57:09 +0000 (+0800)
Subject: acme: Handle ecc cert correctly
X-Git-Url: http://git.99rst.org/?a=commitdiff_plain;h=0d2240481b75222a4a86195660b7d4b1a6c97f1f;p=openwrt-packages.git

acme: Handle ecc cert correctly

Error was:
  The domain 'example.com' seems to have a ECC cert already, please add '--ecc' parameter if you want to use that cert.

Signed-off-by: David Yang <redacted>
---

diff --git a/net/acme/files/run.sh b/net/acme/files/run.sh
index b01003687..bec94bcce 100644
--- a/net/acme/files/run.sh
+++ b/net/acme/files/run.sh
@@ -183,6 +183,7 @@ issue_cert()
     local update_uhttpd
     local update_nginx
     local keylength
+    local keylength_ecc=0
     local domains
     local main_domain
     local moved_staging=0
@@ -215,6 +216,7 @@ issue_cert()
 
     if echo $keylength | grep -q "^ec-"; then
         domain_dir="$STATE_DIR/${main_domain}_ecc"
+        keylength_ecc=1
     else
         domain_dir="$STATE_DIR/${main_domain}"
     fi
@@ -234,6 +236,7 @@ issue_cert()
             moved_staging=1
         else
             log "Found previous cert config. Issuing renew."
+            [ "$keylength_ecc" -eq "1" ] && acme_args="$acme_args --ecc"
             run_acme --home "$STATE_DIR" --renew -d "$main_domain" $acme_args && ret=0 || ret=1
             post_checks
             return $ret