Issue #52 details a scenario where a failure during ACME validation can leave the target system in a failed state where HTTPS does not work at all. The nature of the problem is that the new .key file is written before the ACME validation step runs. If that validation fails, then the system is left with a new .key file and an old .crt file, which is invalid.
This change is to first write the new .key to a .key.tmp file, do the ACME validation, store the .crt, then rename the .key.tmp file to .key before purging the cache.
Checklist
Before creating a PR, run through this checklist and mark each as complete.
Proposed changes
Issue #52 details a scenario where a failure during ACME validation can leave the target system in a failed state where HTTPS does not work at all. The nature of the problem is that the new .key file is written before the ACME validation step runs. If that validation fails, then the system is left with a new
.keyfile and an old.crtfile, which is invalid.This change is to first write the new
.keyto a.key.tmpfile, do the ACME validation, store the.crt, then rename the.key.tmpfile to.keybefore purging the cache.Checklist
Before creating a PR, run through this checklist and mark each as complete.
CONTRIBUTINGdocumentREADME.mdandCHANGELOG.md)