diff --git a/check-certificates.rsc b/check-certificates.rsc index 0122122a..e5683514 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -60,8 +60,8 @@ http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) \ ($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value; } do={ - :if ($Err != "Fetch failed with status 404") do={ - $LogPrint warning $0 ("Failed fetching certificate: " . $Err); + :if (!($Err ~ "[Ss]tatus 404")) do={ + $LogPrint warning $0 ("Failed fetching certificate by '" . $FetchName . "': " . $Err); } :error false; } @@ -177,9 +177,11 @@ $LogPrint info $ScriptName ("Attempting to renew certificate '" . ($CertVal->"name") . "'."); :local ImportSuccess false; - :set LastName ($CertVal->"common-name"); - :set FetchName $LastName; - :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName $FetchName ]; + :if ([ :len ($CertVal->"common-name") ] > 0) do={ + :set LastName ($CertVal->"common-name"); + :set FetchName $LastName; + :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName $FetchName ]; + } :foreach SAN in=($CertVal->"subject-alt-name") do={ :if ($ImportSuccess = false) do={ :set LastName [ :pick $SAN ([ :find $SAN ":" ] + 1) [ :len $SAN ] ]; diff --git a/doc/check-certificates.md b/doc/check-certificates.md index 1e69af46..c6db7c88 100644 --- a/doc/check-certificates.md +++ b/doc/check-certificates.md @@ -85,7 +85,7 @@ Given you have a certificate on you server, you can use `check-certificates` for the initial import. Just create a *dummy* certificate with short lifetime that matches criteria to be renewed: - /certificate/add name=example.com common-name=example.com days-valid=1; + /certificate/add name="example.com" common-name="example.com" subject-alt-name="DNS:example.com" days-valid=1; /certificate/sign example.com; /system/script/run check-certificates;