diff --git a/wo/cli/plugins/site.py b/wo/cli/plugins/site.py
index fd991f3..92dffc8 100644
--- a/wo/cli/plugins/site.py
+++ b/wo/cli/plugins/site.py
@@ -760,9 +760,19 @@ class WOSiteCreateController(CementBaseController):
 if ((wo_domain_type == 'subdomain') and
 (not pargs.letsencrypt == 'wildcard')):
 wo_subdomain = True
-
- setupLetsEncrypt(self, wo_domain, wo_subdomain, wo_wildcard,
- wo_dns, wo_acme_dns)
+ # check if a wildcard cert for the root domain exist
+ if wo_subdomain is True:
+ wo_exist_wildcard = checkWildcardExist(self,
+ wo_root_domain)
+ # copy the cert from the root domain
+ if wo_exist_wildcard is True:
+ copyWildcardCert(self, wo_domain, wo_root_domain)
+ else:
+ setupLetsEncrypt(self, wo_domain, wo_subdomain,
+ wo_wildcard, wo_dns, wo_acme_dns)
+ else:
+ setupLetsEncrypt(self, wo_domain, wo_subdomain,
+ wo_wildcard, wo_dns, wo_acme_dns)
 httpsRedirect(self, wo_domain, True, wo_wildcard)
 if pargs.hsts:
diff --git a/wo/cli/plugins/site_functions.py b/wo/cli/plugins/site_functions.py
index 095479d..9483b6e 100644
--- a/wo/cli/plugins/site_functions.py
+++ b/wo/cli/plugins/site_functions.py
@@ -1488,6 +1488,27 @@ def checkWildcardExist(self, wo_domain_name):
 Log.debug(self, "{0}".format(e))
 Log.error(self, "Failed to read cert list")
+# copy wildcard certificate to a subdomain
+
+
+def copyWildcardCert(self, wo_domain_name, wo_root_domain):
+
+ if os.path.isfile("/var/www/{0}/conf/nginx/ssl.conf"
+ .format(wo_root_domain)):
+ try:
+ WOFileUtils.copyfile(self, "/var/www/{0}/conf/nginx/ssl.conf"
+ .format(wo_root_domain),
+ "/var/www/{0}/conf/nginx/ssl.conf"
+ .format(wo_domain_name))
+ cert_link = open('/var/lib/wo/linked.csv', encoding='utf-8',
+ mode='a')
+ cert_link.write('{0}|{1}\n'.format(wo_root_domain,
+ wo_domain_name))
+ cert_link.close()
+ except IOError as e:
+ Log.debug(self, str(e))
+ Log.debug(self, "Error occured while copying ssl cert")
+
 # letsencrypt cert renewal
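Review bot: The result of `copyWildcardCert(self, wo_domain, wo_root_domain)` is never checked, so `httpsRedirect` and the `if pargs.hsts:` branch after it run whether or not an `ssl.conf` was actually put in place for the subdomain. If the copy did not happen, the new site would presumably be redirected to HTTPS (and possibly pinned with HSTS) without a certificate configuration. Once the helper reports its outcome, the call site can fall back with `if not copyWildcardCert(self, wo_domain, wo_root_domain):` followed by the existing `setupLetsEncrypt(...)` call. The two identical `else:` branches could also be merged by testing `if wo_subdomain and checkWildcardExist(self, wo_root_domain):` once, assuming `checkWildcardExist` returns a plain boolean. `wo_root_domain` is assigned outside this hunk, and the enclosing method starts and ends outside it.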
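Review bot: `copyWildcardCert` gives its caller no way to tell whether the root domain's certificate configuration was reused: a missing root `ssl.conf` falls through silently, and an `IOError` is only written to the debug log before the function returns `None`. It also has no docstring, and `linked.csv` is opened without a `with` block, so the handle stays open if `write` raises. Returning a boolean and building the path template once, as sketched below, lets the call site decide whether to fall back to issuing a certificate. Whether `WOFileUtils.copyfile` raises `IOError` itself or handles errors internally is not visible in this hunk. Each call appends a `root|subdomain` row, so repeated runs will presumably add duplicate rows unless the renewal code tolerates them.

```python
def copyWildcardCert(self, wo_domain_name, wo_root_domain):
    """Reuse the root domain's ssl.conf for a subdomain.

    Returns True when the file was copied and the link recorded.
    """
    ssl_conf = "/var/www/{0}/conf/nginx/ssl.conf"
    src = ssl_conf.format(wo_root_domain)
    if not os.path.isfile(src):
        Log.debug(self, "{0} not found".format(src))
        return False
    try:
        WOFileUtils.copyfile(self, src, ssl_conf.format(wo_domain_name))
        with open('/var/lib/wo/linked.csv', encoding='utf-8',
                  mode='a') as cert_link:
            cert_link.write('{0}|{1}\n'.format(wo_root_domain,
                                               wo_domain_name))
    except IOError as e:
        Log.debug(self, str(e))
        Log.debug(self, "Error occured while copying ssl cert")
        return False
    return True
```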