search

zenhack / simp_le

Simple Let's Encrypt client
GNU General Public License v3.0
223 stars 38 forks source link

No newline at end of pem file - gets mangled when concatenated #149

Open tometzky opened 2 years ago

tometzky commented 2 years ago

Please ensure that the pem files generated by simp_le always end with a newline, so they can be joined together just by using cat. For example:

$ cat cert.pem chain.pem

It should create a valid pem file, but instead it creates a file looking like this:

-----BEGIN CERTIFICATE-----
…
-----END CERTIFICATE----------BEGIN CERTIFICATE-----
…
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
…
-----END CERTIFICATE-----

Which causes errors like for example:

Fatal: Can't load ssl_cert: error:0906D066:PEM routines:PEM_read_bio:bad end line

I think it worked correctly a few months ago, but stopped working recently. I noticed it broke my service when I renewed some cert today. It is possible that Let's Encrypt changed the way they return certificates - maybe they stopped adding those newlines on their side.

zenhack commented 2 years ago

Quoting tometzky (2021-09-05 18:18:55)

It is possible that Let's Encrypt changed the way they return certificates - maybe they stopped adding those newlines on their side.

Probably, or perhaps something changed in one of the libraries we depend on -- nothing has changed in simp_le itself. I'd be fine with adding the newline back in ourselves, but won't make promises as to when I'll get around to it. Patches welcome.