X-Git-Url: https://git.ralfj.de/lets-encrypt-tiny.git/blobdiff_plain/4a2bbe08f681024557ddecdaa87a7da696aeec17..ced309aad271bf75269e224edc5f92ff7868187d:/letsencrypt-tiny?ds=sidebyside diff --git a/letsencrypt-tiny b/letsencrypt-tiny index 658eb07..78d38b7 100755 --- a/letsencrypt-tiny +++ b/letsencrypt-tiny @@ -35,7 +35,7 @@ def make_backup(fname): def trigger_hook(hook): global config - exe = config['hooks'][hook] + exe = config['hooks'].get(hook) if exe is not None: subprocess.check_call([exe]) @@ -58,18 +58,20 @@ def acme(keyfilename, certfilename, domains): # Generating the CSR is done by a shell script exe = os.path.join(os.path.dirname(__file__), 'gencsr') csr = subprocess.check_output([exe, keyfilename] + domains) - assert not os.path.exists(csrfilename) + assert not os.path.exists(csrfilename), "The temporary CSR file {} still exists. It seems something went wrong on a previous request. You may want to remove the file manually.".format(csrfilename) with open(csrfilename, 'wb') as file: file.write(csr) - # call acme-tiny as a script - acme_tiny = os.path.join(config['acme']['acme-tiny'], 'acme_tiny.py') - signed_crt = subprocess.check_output(["python", acme_tiny, "--quiet", "--account-key", accountkey, "--csr", csrfilename, "--acme-dir", config['acme']['challenge-dir']]) - # save new certificate - make_backup(certfilename) - with open(certfilename, 'wb') as f: - f.write(signed_crt) - # clean up - os.remove(csrfilename) + try: + # call acme-tiny as a script + acme_tiny = os.path.join(config['acme']['acme-tiny'], 'acme_tiny.py') + signed_crt = subprocess.check_output(["python", acme_tiny, "--quiet", "--account-key", accountkey, "--csr", csrfilename, "--acme-dir", config['acme']['challenge-dir']]) + # save new certificate + make_backup(certfilename) + with open(certfilename, 'wb') as f: + f.write(signed_crt) + finally: + # clean up + os.remove(csrfilename) def openssl_genrsa(keyfilename): with subprocess.Popen(["openssl", "genrsa", str(int(config['DEFAULT']['key-length']))], stdout=subprocess.PIPE, stderr=subprocess.PIPE) as f: