do not keep CSRs

diff --git a/letsencrypt-tiny b/letsencrypt-tiny
index 4503a6ef4b29bac20aa4327afc7c325496efbd3d..3b89db7b9d2dcec7d7d1230ced46727a0e942a39 100755 (executable)
--- a/letsencrypt-tiny
+++ b/letsencrypt-tiny
@@ -21,7 +21,7 @@ def keyfile(name):
 
 def csrfile(name):
     global config
 
 def csrfile(name):
     global config

-    return os.path.join(config['dirs']['csrs'], name + ".csr")
+    return os.path.join(config['dirs']['keys'], name + ".csr.tmp")

 
 def make_backup(fname):
     if os.path.exists(fname):
 
 def make_backup(fname):
     if os.path.exists(fname):


@@ -65,6 +65,8 @@ def acme(name, domains):
     make_backup(certfile(name))
     with open(certfile(name), 'wb') as f:
         f.write(signed_crt)
     make_backup(certfile(name))
     with open(certfile(name), 'wb') as f:
         f.write(signed_crt)

+    # clean up
+    os.remove(csrfile(name))

 
 def request_cert(name):
     global config
 
 def request_cert(name):
     global config

diff --git a/letsencrypt-tiny.conf.sample b/letsencrypt-tiny.conf.sample
index c8c91bc56f8a7261794a30fa068aae300b6f6831..5369fdcde10b48458274cb8cdd2c811d027a8738 100644 (file)
--- a/letsencrypt-tiny.conf.sample
+++ b/letsencrypt-tiny.conf.sample
@@ -34,7 +34,6 @@ challenge-dir = /srv/acme-challenge/
 [dirs]
 certs = /etc/ssl/mycerts/letsencrypt
 keys = /etc/ssl/private/letsencrypt
 [dirs]
 certs = /etc/ssl/mycerts/letsencrypt
 keys = /etc/ssl/private/letsencrypt

-csrs = /etc/ssl/private/letsencrypt

 backups = /etc/ssl/old/letsencrypt
 
 [files]
 backups = /etc/ssl/old/letsencrypt
 
 [files]