|
|
@@ -4934,7 +4934,9 @@ $_authorizations_map"
|
|
|
|
|
|
echo "$response" >"$CERT_PATH"
|
|
|
_split_cert_chain "$CERT_PATH" "$CERT_FULLCHAIN_PATH" "$CA_CERT_PATH"
|
|
|
-
|
|
|
+ if [ -z "$_preferred_chain" ]; then
|
|
|
+ _preferred_chain=$(_readcaconf DEFAULT_PREFERRED_CHAIN)
|
|
|
+ fi
|
|
|
if [ "$_preferred_chain" ] && [ -f "$CERT_FULLCHAIN_PATH" ]; then
|
|
|
if [ "$DEBUG" ]; then
|
|
|
_debug "default chain issuers: " "$(_get_chain_issuers "$CERT_FULLCHAIN_PATH")"
|
|
|
@@ -6547,6 +6549,8 @@ Commands:
|
|
|
--deactivate Deactivate the domain authz, professional use.
|
|
|
--set-default-ca Used with '--server', Set the default CA to use.
|
|
|
See: $_SERVER_WIKI
|
|
|
+ --set-default-chain Set the default preferred chain for a CA.
|
|
|
+ See: $_PREFERRED_CHAIN_WIKI
|
|
|
|
|
|
|
|
|
Parameters:
|
|
|
@@ -6833,6 +6837,18 @@ setdefaultca() {
|
|
|
_info "Changed default CA to: $(__green "$ACME_DIRECTORY")"
|
|
|
}
|
|
|
|
|
|
+#preferred-chain
|
|
|
+setdefaultchain() {
|
|
|
+ _initpath
|
|
|
+ _preferred_chain="$1"
|
|
|
+ if [ -z "$_preferred_chain" ]; then
|
|
|
+ _err "Please give a '--preferred-chain value' value."
|
|
|
+ return 1
|
|
|
+ fi
|
|
|
+ mkdir -p "$CA_DIR"
|
|
|
+ _savecaconf "DEFAULT_PREFERRED_CHAIN" "$_preferred_chain"
|
|
|
+}
|
|
|
+
|
|
|
_process() {
|
|
|
_CMD=""
|
|
|
_domain=""
|
|
|
@@ -6984,6 +7000,9 @@ _process() {
|
|
|
--set-default-ca)
|
|
|
_CMD="setdefaultca"
|
|
|
;;
|
|
|
+ --set-default-chain)
|
|
|
+ _CMD="setdefaultchain"
|
|
|
+ ;;
|
|
|
-d | --domain)
|
|
|
_dvalue="$2"
|
|
|
|
|
|
@@ -7514,6 +7533,9 @@ _process() {
|
|
|
setdefaultca)
|
|
|
setdefaultca
|
|
|
;;
|
|
|
+ setdefaultchain)
|
|
|
+ setdefaultchain "$_preferred_chain"
|
|
|
+ ;;
|
|
|
*)
|
|
|
if [ "$_CMD" ]; then
|
|
|
_err "Invalid command: $_CMD"
|
Bjarne Saltbaek