https://bz.apache.org/bugzilla/show_bug.cgi?id=62445
Bug ID: 62445
Summary: Conditionally set the SSLCertificateFile when the file
exists
Product: Apache httpd-2
Version: 2.4.16
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P2
Component: mod_ssl
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
I am using Let's Encrypt (certonly) to generate SSL certificates for several
websites hosted on an Apache server. The file location of these certificates is
determinate before they are created, so I am writing their paths into my
virtual host configuration in advance. Once the site is running, I will use
certbot to get the certificate files and then reload the Apache configuration.
I also have a global SSL certificate defined with valid files, so every SSL
virtual host will be certain to have a certificate.
The problem I'm having is that Apache won't run without all the certificate
files, despite having a global fallback. I tried to conditionally configure the
Let's Encrypt certificate only when the file exists using IF, but Apache says
SSLCertificateFile not allowed here.
It should be possible to override the global SSLCertificateFile only when the
new certificate files exist. I'm trying to do all of this without having to
modify the configuration before and after the certificates have been generated.
Here is what I tried:
<If "-f '/etc/letsencrypt/live/domain/fullchain.pem'">
SSLCertificateFile /etc/letsencrypt/live/domain/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain/privkey.pem
</If>
→ SSLCertificateFile not allowed here
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
