search

dehydrated-io / dehydrated

letsencrypt/acme client implemented as a shell-script – just add water
https://dehydrated.io
MIT License
5.96k stars 716 forks source link

SANs broken since 31st #849

Closed paulkaweb closed 2 years ago

paulkaweb commented 2 years ago

Hello, we seem to be having issues creating/renewing certs since your last commits.. the problem seems to stem from this change:

-    altnames="$( <<<"${altnames}" _sed -e 's/^[[:space:]]*//; s/, /'"'$'\n'"'/g' )"
+    altnames="$( <<<"${altnames}" _sed -e 's/^[[:space:]]*//; s/, /\'$'\n''/g' )"

now causes the following:

root@foo:~# openssl req -noout -text -in /etc/apache2/ssl/www.example.com.csr | awk '/X509v3 Subject Alternative Name:/{print;getline;print;}' | tail -n1 | sed -r -e 's/^[[:space:]]*//; s/, /'"'$'\n'"'/g' DNS:example.com'$' 'DNS:www.example.com

what should happen:

root@foo:~# openssl req -noout -text -in /etc/apache2/ssl/www.example.com.csr | awk '/X509v3 Subject Alternative Name:/{print;getline;print;}' | tail -n1 | sed -r -e 's/^[[:space:]]*//; s/, /\'$'\n''/g' DNS:example.com DNS:www.example.com

lukas2511 commented 2 years ago

Thanks for reporting. I reverted that change and it should hopefully be working again.