| public applyCertificates ( ) : boolean | ||
| return | boolean | |
public function applyCertificates()
{
if (defined('CRON')) {
$domainPath = '/usr/local/directadmin/data/users/' . $this->account->getUsername() . '/domains/' . $this->getDomain();
file_put_contents($domainPath . '.key', $this->domainKeys->getPrivate());
chown($domainPath . '.key', 'diradmin');
chgrp($domainPath . '.key', 'diradmin');
chmod($domainPath . '.key', 0600);
file_put_contents($domainPath . '.cert', $this->getCertificate());
chown($domainPath . '.cert', 'diradmin');
chgrp($domainPath . '.cert', 'diradmin');
chmod($domainPath . '.cert', 0600);
file_put_contents($domainPath . '.cacert', implode("\n", $this->getCertificateAuthorityCertificates()));
chown($domainPath . '.cacert', 'diradmin');
chgrp($domainPath . '.cacert', 'diradmin');
chmod($domainPath . '.cacert', 0600);
$config = new Config($domainPath . '.conf');
$config->config('SSLCertificateKeyFile', $domainPath . '.key');
$config->config('SSLCertificateFile', $domainPath . '.cert');
$config->config('SSLCACertificateFile', $domainPath . '.cacert');
$config->config('ssl', 'ON');
} else {
$sock = $this->getSocket();
$sock->set_method('POST');
$sock->query('/CMD_API_SSL', ['domain' => $this->getDomain(), 'action' => 'save', 'type' => 'paste', 'certificate' => $this->domainKeys->getPrivate() . PHP_EOL . $this->getCertificate(), 'submit' => 'Save']);
$result = $sock->fetch_parsed_body();
if ($result['error'] != 0) {
throw new \Exception('Error while executing first API request: ' . $result['details']);
}
$sock->set_method('POST');
$sock->query('/CMD_API_SSL', ['domain' => $this->getDomain(), 'action' => 'save', 'type' => 'cacert', 'active' => 'yes', 'cacert' => implode("\n", $this->getCertificateAuthorityCertificates()), 'submit' => 'Save']);
$result = $sock->fetch_parsed_body();
if ($result['error'] != 0) {
throw new \Exception('Error while executing second API request: ' . $result['details']);
}
}
return true;
} continue;
}
$log->log('Processing domain ' . $domain->getDomain());
// Check if a renew is required, if everything needs to be checked within 10 days or in the past
if (strtotime($domain->config('expire')) - time() >= 10 * 86400) {
$log->log('Domain ' . $domain->getDomain() . ' doesn\'t need a reissue');
continue;
}
try {
$challenges = new Challenges($domain);
$challenges->solveChallenge();
$log->log('Successfully completed challenge for ' . $domain->getDomain());
$domain->createKeys();
$domain->requestCertificate(null, $domain->config('subdomains'));
$log->log('Successfully received certificate from Let\'s Encrypt');
$domain->applyCertificates();
$log->log('Successfully applied certificate and CA certificates to DirectAdmin');
$domain->config('domain', $domain->getDomain());
$domain->config('subdomains', $domain->getSubdomains());
$domain->config('status', 'applied to DirectAdmin (renewed)');
$domain->config('expire', date('Y-m-d', strtotime('+50 days')));
$log->log('Reissued domain ' . $domain->getDomain() . ' with success.');
} catch (\Exception $e) {
$log->error($e->getMessage(), null, false);
}
}
}
// Rewrite and restart HTTPD files
$queue = 'action=rewrite&value=httpd' . PHP_EOL;
$queue .= 'action=httpd&value=graceful' . PHP_EOL;
file_put_contents('/usr/local/directadmin/data/task.queue', $queue, FILE_APPEND);
