installer_base.lib.php sets wrong $acme_cert_dir
Summary
Running ispconfig_update.sh on Debian 12 with acme.sh as LE client. When creating certificate it shows
Checking / creating certificate for Using certificate path /etc/letsencrypt/live/
Host has acme.sh as LE client, so no /etc/letsencrypt directory exists.
Steps to reproduce
- ispconfig_update.sh --force
Correct behaviour
It should choose $acme_cert_dir based on what LE client is installed.
Environment
Debian 12.6 ISPConfig 3.2.12
php -v
PHP 8.2.20 (cli) (built: Jun 17 2024 13:33:14) (NTS) Copyright (c) The PHP Group Zend Engine v4.2.20, Copyright (c) Zend Technologies with Zend OPcache v8.2.20, Copyright (c), by Zend Technologies
Proposed fix
The code part starts at line number 3032 in file ispconfig3_install/install/lib/installer_base.lib.php
// Request for certs if no LE SSL folder for server fqdn exist
swriteln('Checking / creating certificate for ' . $hostname);
$acme_cert_dir = '/usr/local/ispconfig/server/scripts/' . $hostname;
$check_acme_file = $acme_cert_dir . '/' . $hostname . '.cer';
if(!@is_dir($acme_cert_dir)) {
$acme_cert_dir = '/root/.acme.sh/' . $hostname;
$check_acme_file = $acme_cert_dir . '/' . $hostname . '.cer';
if(!@is_dir($acme_cert_dir)) {
$acme_cert_dir = '/etc/letsencrypt/live/' . $hostname;
$check_acme_file = $acme_cert_dir . '/cert.pem';
}
}
swriteln('Using certificate path ' . $acme_cert_dir);That sets acme_cert_dir to /etc/letsencrypt if directories /root/.acme.sh/(hostname -f) and /usr/local/ispconfig/server/scripts/$(hostname -f) do not exist. I think that logic is wrong, it should be set based on what LE client is used.