Check fullchain.pem, not cert.pem

While using certbot means we'll have both files retrieved,
it's actually the fullchain.pem file that we use in nginx configuration.

Using that one for the check makes more sense.
This commit is contained in:
Slavi Pantaleev 2019-05-21 11:58:18 +09:00
parent 3250df6765
commit 5c821b581a

View File

@ -2,7 +2,7 @@
msg: "Dealing with SSL certificate retrieval for domain: {{ domain_name }}" msg: "Dealing with SSL certificate retrieval for domain: {{ domain_name }}"
- set_fact: - set_fact:
domain_name_certificate_path: "{{ matrix_ssl_config_dir_path }}/live/{{ domain_name }}/cert.pem" domain_name_certificate_path: "{{ matrix_ssl_config_dir_path }}/live/{{ domain_name }}/fullchain.pem"
- name: Check if a certificate for the domain already exists - name: Check if a certificate for the domain already exists
stat: stat: