keep key during certificate renewal

main
lub 4 years ago
parent b243ea084d
commit 2506bc3a7f

@ -36,6 +36,12 @@ command2 = [
"--post-hook", "/config.py"
]
# if dane is used we recommend pinning to the key, so it should not change
# ('true','yes') to be consistent with the logic in configuration.py
if os.environ.get("TLS_REUSE_KEY", "false").lower() in ('true','yes'):
command.append("--reuse-key")
command2.append("--reuse-key")
# Wait for nginx to start
time.sleep(5)

Loading…
Cancel
Save