[pmg-devel] [PATCH api] fix revocation of old certificate on renewal
Wolfgang Bumiller
w.bumiller at proxmox.com
Wed Mar 17 11:12:18 CET 2021
in PMG key and certificate are in the same file so we need
to extract the certificate (like in the revoke api call)
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
---
src/PMG/API2/Certificates.pm | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/PMG/API2/Certificates.pm b/src/PMG/API2/Certificates.pm
index b50addd..1a6c434 100644
--- a/src/PMG/API2/Certificates.pm
+++ b/src/PMG/API2/Certificates.pm
@@ -610,7 +610,11 @@ __PACKAGE__->register_method ({
if (defined($old_cert)) {
print "Revoking old certificate\n";
- eval { $acme->revoke_certificate($old_cert, undef) };
+ eval {
+ $old_cert = pem_certificate($old_cert)
+ or die "no certificate section found in '$cert_path'\n";
+ $acme->revoke_certificate($old_cert, undef);
+ };
warn "Revoke request to CA failed: $@" if $@;
}
};
--
2.20.1
More information about the pmg-devel
mailing list