Merge remote-tracking branch 'upstream/master'

management/ssl_certificates.py

@@ -142,17 +142,17 @@ def get_ssl_certificates(env):
 	return ret
 
 def get_domain_ssl_files(domain, ssl_certificates, env, allow_missing_cert=False, use_main_cert=True):
-	# I moved the system_certificate declaration here, since otherwise we get a 
-	# "local variable 'system_certificate' referenced before assignment" error in the 
-        # elif not allow_missing_cert block
-	ssl_private_key = os.path.join(os.path.join(env["STORAGE_ROOT"], 'ssl', 'ssl_private_key.pem'))
-	ssl_certificate = os.path.join(os.path.join(env["STORAGE_ROOT"], 'ssl', 'ssl_certificate.pem'))
-	system_certificate = {
-		"private-key": ssl_private_key,
-		"certificate": ssl_certificate,
-		"primary-domain": env['PRIMARY_HOSTNAME'],
-		"certificate_object": load_pem(load_cert_chain(ssl_certificate)[0]),
-	}
+	if use_main_cert or not allow_missing_cert:
+		# Get the system certificate info.
+		ssl_private_key = os.path.join(os.path.join(env["STORAGE_ROOT"], 'ssl', 'ssl_private_key.pem'))
+		ssl_certificate = os.path.join(os.path.join(env["STORAGE_ROOT"], 'ssl', 'ssl_certificate.pem'))
+		system_certificate = {
+			"private-key": ssl_private_key,
+			"certificate": ssl_certificate,
+			"primary-domain": env['PRIMARY_HOSTNAME'],
+			"certificate_object": load_pem(load_cert_chain(ssl_certificate)[0]),
+		}
+
 	if use_main_cert:
 		if domain == env['PRIMARY_HOSTNAME']:
 			# The primary domain must use the server certificate because
@@ -226,7 +226,7 @@ def get_certificates_to_provision(env, limit_domains=None, show_valid_certs=True
 				# DNS is all good.
 
 				# Check for a good existing cert.
-				existing_cert = get_domain_ssl_files(domain, existing_certs, env, use_main_cert=False)
+				existing_cert = get_domain_ssl_files(domain, existing_certs, env, use_main_cert=False, allow_missing_cert=True)
 				if existing_cert:
 					existing_cert_check = check_certificate(domain, existing_cert['certificate'], existing_cert['private-key'],
 						warn_if_expiring_soon=14)