Commit f979f131 authored by Deucе's avatar Deucе :ok_hand_tone4:

Update letsyncrypt.key as well as the SSL/SSH keys when syspass is changed.

Currently, this hard-codes the name of the key, which should
be read from the letsyncrypt.ini file in case someone is using an
ACME v2 service that is not provided by letsencrypt.org.
parent e2bb9dde
1 merge request!463MRC mods by Codefenix (2024-10-20)
......@@ -118,7 +118,7 @@ void sys_cfg(void)
if(!i) {
cfg.new_install=new_install;
if(strcmp(sys_pass, cfg.sys_pass) != 0) {
if(fexist("ssl.cert") || fexist("cryptlib.key")) {
if(fexist("ssl.cert") || fexist("cryptlib.key") || fexist("letsyncrypt.key") {
CRYPT_KEYSET ssl_keyset;
CRYPT_CONTEXT ssl_context = -1;
int status;
......@@ -138,6 +138,14 @@ void sys_cfg(void)
cryptKeysetClose(ssl_keyset);
}
if (cryptStatusOK(status = cryptKeysetOpen(&ssl_keyset, CRYPT_UNUSED, CRYPT_KEYSET_FILE, "letsyncrypt.key", CRYPT_KEYOPT_NONE)))
// TODO: The name in the next two lines should be read from the Host line in the State section of the letsyncrypt.ini file.
if (cryptStatusOK(status = cryptGetPrivateKey(ssl_keyset, &ssl_context, CRYPT_KEYID_NAME, "acme-v02.api.letsencrypt.org", sys_pass)))
if (cryptStatusOK(status = cryptDeleteKey(ssl_keyset, CRYPT_KEYID_NAME, "acme-v02.api.letsencrypt.org"))) {
ignoreme = cryptAddPrivateKey(ssl_keyset, ssl_context, cfg.sys_pass);
cryptKeysetClose(ssl_keyset);
}
(void)ignoreme;
}
}
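Review bot: In the added letsyncrypt.key block, `cryptKeysetClose(ssl_keyset);` sits inside the innermost `if`, so the keyset opened by `cryptKeysetOpen` is never closed when `cryptGetPrivateKey` or `cryptDeleteKey` fails; putting braces around the outer `if` and moving the close after the inner chain would release it on every path. The result of `cryptAddPrivateKey` is stored in `ignoreme` and discarded, yet by that point the key has already been deleted, so a failed re-add leaves the file without that private key and nothing tells the sysop; testing it with `cryptStatusError(ignoreme)` and reporting the failure would make the loss visible. Separately, the changed condition in the first hunk lacks a closing parenthesis and should end `fexist("letsyncrypt.key")) {`; as shown it will not compile. sys_cfg begins and ends outside both hunks, so whether `ssl_context` is destroyed afterwards cannot be confirmed from here.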
......