Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing and misleading hook environment variables #2158

Closed
3 tasks done
webcompas opened this issue Apr 16, 2024 · 4 comments · Fixed by #2160
Closed
3 tasks done

Missing and misleading hook environment variables #2158

webcompas opened this issue Apr 16, 2024 · 4 comments · Fixed by #2160
Labels
area/cli enhancement

Comments

@webcompas
Copy link

webcompas commented Apr 16, 2024
edited by ldez
Loading

Welcome

  • Yes, I'm using a binary release within 2 latest releases.
  • Yes, I've searched similar issues on GitHub and didn't find any.
  • Yes, I've included all information below (version, config, etc).

What did you expect to see?

Hook scripts are provided with certificate related information using the following environment variables. But some of them are set and contain the respective file path even if the file has not been created:

  • LEGO_CERT_PFX_PATH (only with --pfx)
  • LEGO_CERT_PEM_PATH (only with --pem)

In addition there should also be an environment variable (e.g. LEGO_ISSUER_CERT_PATH) containing the path to the issuer's certificate if the file has been created.

What did you see instead?

The environment variables should only exist or have a value if the respective file has been created. Otherwise this may be misleading and makes it more complex for the scripts to decide/differentiate how to handle it.

How do you use lego?

Binary

Reproduction steps

Just create or renew a certificate without the mentioned options being set.

Version of lego

lego version 4.16.1 linux/amd64

Logs

LEGO_CERT_PFX_PATH=/etc/lego/lego-test/.lego/certificates/_.crt-ltw.example.com.pfx
LEGO_ACCOUNT_EMAIL=foobar@example.com
LEGO_CERT_PEM_PATH=/etc/lego/lego-test/.lego/certificates/_.crt-ltw.example.com.pem
LEGO_CERT_PATH=/etc/lego/lego-test/.lego/certificates/_.crt-ltw.example.com.crt
LEGO_CERT_KEY_PATH=/etc/lego/lego-test/.lego/certificates/_.crt-ltw.example.com.key
LEGO_CERT_DOMAIN=*.crt-ltw.example.com

Go environment (if applicable)

$ go version && go env
# paste output here
@webcompas webcompas added the bug label Apr 16, 2024
@ldez ldez mentioned this issue Apr 16, 2024
Merged
@webcompas
Copy link
Author

@ldez What about the path to the issuer's certificate? You closed the issue without any comment or change in this regard.

@ldez ldez mentioned this issue Apr 17, 2024
Merged
@ldez
Copy link
Member

ldez commented Apr 17, 2024

I was focused on the pfx and pem path, I completely missed the issuer path.

@webcompas
Copy link
Author

I was focused on the pfx and pem path, I completely missed the issuer path.

So please re-open the issue to proceed with this part.

@ldez
Copy link
Member

ldez commented Apr 17, 2024

It's already fixed: #2164

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/cli enhancement
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: fills LEGO_CERT_PFX_PATH and LEGO_CERT_PEM_PATH only when needed ldez/lego
2 participants
@webcompas @ldez