projects
/
lets-encrypt-tiny.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
fix certfile existence check
[lets-encrypt-tiny.git]
/
letsencrypt-tiny
diff --git
a/letsencrypt-tiny
b/letsencrypt-tiny
index 7f23ad5cc0e0242c10272dad17533792a073c529..26b2c1d5e3163b661b5c0ad3c285cd2acf94762f 100755
(executable)
--- a/
letsencrypt-tiny
+++ b/
letsencrypt-tiny
@@
-1,5
+1,5
@@
#!/usr/bin/env python3
#!/usr/bin/env python3
-##
Call with "--help"
for documentation.
+##
See <https://www.ralfj.de/blog/2017/12/26/lets-encrypt.html>
for documentation.
import argparse, configparser, itertools, stat, os, os.path, sys, subprocess, datetime
import argparse, configparser, itertools, stat, os, os.path, sys, subprocess, datetime
@@
-123,9
+123,12
@@
def auto_renewal(live, staging):
# determine what to do
now = datetime.datetime.now()
key_age = now - key_mtime(live)
# determine what to do
now = datetime.datetime.now()
key_age = now - key_mtime(live)
- cert_validity = cert_expiry(live) - now
need_new_key = key_age >= max_key_age
need_new_key = key_age >= max_key_age
- need_new_cert = cert_validity <= renew_cert_time
+ if os.path.exists(certfile(live)):
+ cert_validity = cert_expiry(live) - now
+ need_new_cert = cert_validity <= renew_cert_time
+ else:
+ need_new_cert = True
if need_new_cert and key_age + renew_cert_time >= max_key_age:
# We are about to request a new certificate, and within <renew_cert_time>, we need a new key: Get the new key now
need_new_key = True
if need_new_cert and key_age + renew_cert_time >= max_key_age:
# We are about to request a new certificate, and within <renew_cert_time>, we need a new key: Get the new key now
need_new_key = True