ISTI-ansible-roles
/
ansible-role-haproxy
4
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove the OCSP issuer file if it's obsolete.

This commit is contained in:
Andrea Dell'Amico 2020-12-16 19:27:48 +01:00
parent f8606f3f9f
commit 9f4379926c
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
templates/haproxy-letsencrypt-acme.sh.j2
View File

@ -40,8 +40,14 @@ fi
# Run the OCSP stapling script
if [ -x /usr/local/bin/hapos-upd ] ; then
upd_retval=
echo "Run the OCSP stapling updater script" >> $LE_LOG_DIR/haproxy.log
/usr/local/bin/hapos-upd --cert {{ haproxy_cert_dir }}/haproxy.pem -v ${LE_CERTS_DIR}/fullchain -s {{ haproxy_admin_socket }} -v - >> $LE_LOG_DIR/haproxy.log 2>&1
upd_retval=$?
if [ $upd_retval -ne 0 ] ; then
rm -f ${HAPROXY_CERTFILE}.issuer
/usr/local/bin/hapos-upd --cert {{ haproxy_cert_dir }}/haproxy.pem -v ${LE_CERTS_DIR}/fullchain -s {{ haproxy_admin_socket }} -v - >> $LE_LOG_DIR/haproxy.log 2>&1
fi
else
echo "No OCPS stapling updater script" >> $LE_LOG_DIR/haproxy.log
fi