From 94ffed10c93a84e8b5a113b78f4db5e4195fe18b Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Fri, 7 Feb 2020 14:54:39 +0100
Subject: [PATCH] acme-sh-request-cert: do not fail if there's a valid, and not
 expiring, certificate already.

---
 .../letsencrypt-acme-sh-client/files/acme-sh-request-cert     | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/library/roles/letsencrypt-acme-sh-client/files/acme-sh-request-cert b/library/roles/letsencrypt-acme-sh-client/files/acme-sh-request-cert
index 07716fe..327789b 100644
--- a/library/roles/letsencrypt-acme-sh-client/files/acme-sh-request-cert
+++ b/library/roles/letsencrypt-acme-sh-client/files/acme-sh-request-cert
@@ -48,4 +48,8 @@ if [ $RETVAL -eq 0 ] ; then
     touch "$ACME_SH_CONFIG_HOME/ok_certificate_issued"
 fi
 
+if [ $RETVAL -eq 2 ] ; then
+    # There is a valid certificate already
+    exit 0
+fi
 exit $RETVAL