softer behaviour: do not revoke changed certs (add does not stop; ensure does not delete)

6c45cba4 · Hahn Axel (hahn) · fc25dbab · 6c45cba4
Commit 6c45cba4 authored 3 years ago by Hahn Axel (hahn)
--- a/cm.sh
+++ b/cm.sh
@@ -22,6 +22,7 @@
 # 2021-04-12  <axel.hahn@iml.unibe.ch>  optional: force excecution with a given user only
 # 2021-06-24  <axel.hahn@iml.unibe.ch>  added transfer command; delete files if acme.sh --install-cert ... failes
 # 2021-07-14  <axel.hahn@iml.unibe.ch>  added _wait_for_free_slot in cert actions to execute multiple processes sequentially
+# 2021-09-27  <axel.hahn@iml.unibe.ch>  softer behaviour: do not revoke changed certs (add does not stop; ensure does not delete)
 # ======================================================================


@@ -82,8 +83,10 @@ function _certMustExist(){
 function _certMustNotExist(){
 	_certExists
 	if [ $? -eq 0 ]; then
-		echo "ERROR: cert ${CM_fqdn} was added already."
-		exit 1
+		echo "WARNING: cert ${CM_fqdn} was added already."
+		# exit 1
+		echo "Press Ctrl+C to abort within the next 10 sec..."
+		sleep 10
 	fi
 }

@@ -327,7 +330,7 @@ function _testFqdncount(){
 function public_add(){
 	_wait_for_free_slot
 	_requiresFqdn
-	_certMustNotExist
+    _certMustNotExist

 	for myhost in $( echo $CM_fqdn $*)
 	do 
@@ -378,8 +381,9 @@ function public_ensure(){
 			_wd "--- DNS aliases match ... renew it (ignore --force - it comes from acme.sh)"
 			public_renew $*
 		else
-			_wd "--- DNS aliases do NOT match ... deleting cert and create a new one"
-			public_delete $*
+			# _wd "--- DNS aliases do NOT match ... deleting cert and create a new one"
+			# public_delete $*
+			_wd "--- DNS aliases do NOT match ... creating a new one"
 			public_add $*
 		fi
 	else