Browse Source

Solving the problem that the function '_readSubjectAltNamesFromCSR' will cause certificates to not be issued in SAN and CN with the same wildcard domain

pull/5265/head
thomas.chen 4 months ago
parent
commit
9171bc2f55
  1. 8
      acme.sh

8
acme.sh

@ -464,6 +464,12 @@ _contains() {
echo "$_str" | grep -- "$_sub" >/dev/null 2>&1 echo "$_str" | grep -- "$_sub" >/dev/null 2>&1
} }
_contains_fixed() {
_str="$1"
_sub="$2"
echo "$_str" | grep -F -- "$_sub" >/dev/null 2>&1
}
_hasfield() { _hasfield() {
_str="$1" _str="$1"
_field="$2" _field="$2"
@ -1345,7 +1351,7 @@ _readSubjectAltNamesFromCSR() {
_dnsAltnames="$(${ACME_OPENSSL_BIN:-openssl} req -noout -text -in "$_csrfile" | grep "^ *DNS:.*" | tr -d ' \n')" _dnsAltnames="$(${ACME_OPENSSL_BIN:-openssl} req -noout -text -in "$_csrfile" | grep "^ *DNS:.*" | tr -d ' \n')"
_debug _dnsAltnames "$_dnsAltnames" _debug _dnsAltnames "$_dnsAltnames"
if _contains "$_dnsAltnames," "DNS:$_csrsubj,"; then
if _contains_fixed "$_dnsAltnames," "DNS:$_csrsubj,"; then
_debug "AltNames contains subject" _debug "AltNames contains subject"
_excapedAlgnames="$(echo "$_dnsAltnames" | tr '*' '#')" _excapedAlgnames="$(echo "$_dnsAltnames" | tr '*' '#')"
_debug _excapedAlgnames "$_excapedAlgnames" _debug _excapedAlgnames "$_excapedAlgnames"

Loading…
Cancel
Save