From 46230badbe21f7c4337fef7369defd6f2372a5cf Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Tue, 8 Dec 2015 17:04:23 +0100
Subject: [PATCH] - wildcard domains not supported by letsencrypt, yet

---
 server/plugins-available/apache2_plugin.inc.php |  6 ++++++
 server/plugins-available/nginx_plugin.inc.php   | 11 ++++++++++-
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 41e9a6f627..2854593367 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -1113,6 +1113,12 @@ class apache2_plugin {
 
 		//* Generate Let's Encrypt SSL certificat
 		if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y') {
+			if(substr($domain, 0, 2) === '*.') {
+				// wildcard domain not yet supported by letsencrypt!
+				$app->log('Wildcard domains not yet supported by letsencrypt, so changing ' . $domain . ' to ' . substr($domain, 2), LOGLEVEL_WARN);
+				$domain = substr($domain, 2);
+			}
+			
 			$data['new']['ssl_domain'] = $domain;
 			$vhost_data['ssl_domain'] = $domain;
 
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 437ff6429e..4c2e41ebde 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -1153,6 +1153,15 @@ class nginx_plugin {
 		//* Generate Let's Encrypt SSL certificat
 		if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y') {
 			//* be sure to have good domain
+			if(substr($domain, 0, 2) === '*.') {
+				// wildcard domain not yet supported by letsencrypt!
+				$app->log('Wildcard domains not yet supported by letsencrypt, so changing ' . $domain . ' to ' . substr($domain, 2), LOGLEVEL_WARN);
+				$domain = substr($domain, 2);
+			}
+			
+			$data['new']['ssl_domain'] = $domain;
+			$vhost_data['ssl_domain'] = $domain;
+			
 			$lddomain = (string) "$domain";
 			if($data['new']['subdomain'] == "www" OR $data['new']['subdomain'] == "*") {
 				$lddomain .= (string) " --domains www." . $domain;
@@ -1183,7 +1192,7 @@ class nginx_plugin {
 				$app->system->chmod($webroot . "/.well-known/acme-challenge", "g+s");
 				
 				if(file_exists("/root/.local/share/letsencrypt/bin/letsencrypt")) {
-					$this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth --text --agree-tos --authenticator=webroot --server=https://acme-v01.api.letsencrypt.org/directory --rsa-key-size=4096 --email postmaster@$domain --domains $lddomain --webroot-path " . escapeshellarg($webroot));
+					$this->_exec("/root/.local/share/letsencrypt/bin/letsencrypt auth --text --agree-tos --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path " . escapeshellarg($webroot));
 				}
 			};
 
-- 
GitLab