Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add --replace-cert-domains flag to renew #2355

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

feat: add --replace-cert-domains flag to renew #2355

wants to merge 3 commits into from

Conversation

m1cr0man
Copy link

Closes #1532

When changing the --domains values, the certificate will not be refreshed to update the SANs appropriately.

This change introduces a simple flag to check + enforce that the domains specified match exactly those in the certificate during renewal.

I couldn't see a straightforward way to contribute a unit test for this, but I performed a full integration test using the NixOS ACME integration test suite. You can run that test locally with this command:

nix run github:m1cr0man/nixpkgs/lego-domain-testing#nixosTests.acme

@m1cr0man
feat: add --overwrite-domains flag to renew
672af55 
Closes go-acme#1532

When changing the --domains values, the certificate will not be
refreshed to update the SANs appropriately.

This change introduces a simple flag to check + enforce that
the domains specified match exactly those in the certififcate during
renewal.
@ldez ldez self-requested a review November 18, 2024 23:36
@m1cr0man
Copy link
Author

It was suggested to me to name this option --replace-cert-domains rather than --overwrite-domains. I think it makes the purpose + functionality of the flag more obvious. If there's no disagreement I will update this PR tonight.

@m1cr0man m1cr0man changed the title feat: add --overwrite-domains flag to renew feat: add --replace-cert-domains flag to renew Nov 20, 2024
@m1cr0man
Copy link
Author

Done but I didn't squash it, as I would have to squash Idez' changes into mine. Can we squash merge on submit?

@ldez
Copy link
Member

ldez commented Nov 20, 2024

The changes should be addressed through commits to ease the review, so no squash.

I merge the PRs with the "squash and merge" button, so in the end, everything will be squashed, no need to "fixup".

@ldez
Copy link
Member

ldez commented Nov 20, 2024

My nickname is LDEZ.

@m1cr0man
Copy link
Author

My nickname is LDEZ.

Oh sorry, I should have double checked!

@ldez ldez added this to the unreleased milestone Nov 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ldez ldez Awaiting requested review from ldez

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
area/cli enhancement
Milestone
unreleased
Development

Successfully merging this pull request may close these issues.

Renew only specified domains
2 participants
@m1cr0man @ldez