switch to new X3 certificate

author: Andrew Cady <d@jerkface.net> 2016-05-01 00:11:51 -0400
committer: Andrew Cady <d@jerkface.net> 2016-05-01 00:16:03 -0400
commit: 6ed2f2ef03570cd234c7cb6ccca38f953b8c063d (patch)
tree: 34acdb9cf9941d1f687551087e4e70e73c225994 /acme-certify.hs
parent: e0223ea4f319232a2bb8ae412a94ee5ad1bd7d5b (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/acme-certify.hs b/acme-certify.hs
index 94891d0..84c26c6 100644
--- a/acme-certify.hs
+++ b/acme-certify.hs
@@ -34,7 +34,7 @@ import           Network.ACME                 (HttpProvisioner, Keys (..),
                                               ensureWritableDir,
                                               provisionViaFile, readKeys,
                                               (</>))
-import           Network.ACME.Issuer          (letsEncryptX1CrossSigned)
+import           Network.ACME.Issuer          (letsEncryptX3CrossSigned)
 import           Network.URI
 import           OpenSSL
 import           OpenSSL.DH
@@ -233,7 +233,7 @@ readSignedObject =
 runUpdate :: UpdateOpts -> IO ()
 runUpdate UpdateOpts { .. } = do
-  issuerCert <- readX509 letsEncryptX1CrossSigned
+  issuerCert <- readX509 letsEncryptX3CrossSigned
  config <- Config.load "config.yaml"
  hostsConfig <- Config.subconfig "hosts" config
@@ -369,7 +369,7 @@ runCertify CertifyOpts{..} = do
      requestDomains     = map domainName' optDomains
      email              = either (error . ("Error: invalid email address: " ++)) id . validate . fromString <$> optEmail
-  issuerCert <- readX509 letsEncryptX1CrossSigned
+  issuerCert <- readX509 letsEncryptX3CrossSigned -- TODO: Don't use fixed issuer certificate.  It changed before; it will again.
  seq email (return ())
  createDirectoryIfMissing False domainDir
author	Andrew Cady <d@jerkface.net>	2016-05-01 00:11:51 -0400
committer	Andrew Cady <d@jerkface.net>	2016-05-01 00:16:03 -0400
commit	6ed2f2ef03570cd234c7cb6ccca38f953b8c063d (patch)
tree	34acdb9cf9941d1f687551087e4e70e73c225994 /acme-certify.hs
parent	e0223ea4f319232a2bb8ae412a94ee5ad1bd7d5b (diff)

diff --git a/acme-certify.hs b/acme-certify.hs index 94891d0..84c26c6 100644 --- a/acme-certify.hs +++ b/acme-certify.hs
@@ -34,7 +34,7 @@ import Network.ACME (HttpProvisioner, Keys (..),
34	ensureWritableDir,	34	ensureWritableDir,
35	provisionViaFile, readKeys,	35	provisionViaFile, readKeys,
36	(</>))	36	(</>))
37	import Network.ACME.Issuer (letsEncryptX1CrossSigned)	37	import Network.ACME.Issuer (letsEncryptX3CrossSigned)
38	import Network.URI	38	import Network.URI
39	import OpenSSL	39	import OpenSSL
40	import OpenSSL.DH	40	import OpenSSL.DH
@@ -233,7 +233,7 @@ readSignedObject =
233		233
234	runUpdate :: UpdateOpts -> IO ()	234	runUpdate :: UpdateOpts -> IO ()
235	runUpdate UpdateOpts { .. } = do	235	runUpdate UpdateOpts { .. } = do
236	issuerCert <- readX509 letsEncryptX1CrossSigned	236	issuerCert <- readX509 letsEncryptX3CrossSigned
237		237
238	config <- Config.load "config.yaml"	238	config <- Config.load "config.yaml"
239	hostsConfig <- Config.subconfig "hosts" config	239	hostsConfig <- Config.subconfig "hosts" config
@@ -369,7 +369,7 @@ runCertify CertifyOpts{..} = do
369	requestDomains = map domainName' optDomains	369	requestDomains = map domainName' optDomains
370	email = either (error . ("Error: invalid email address: " ++)) id . validate . fromString <$> optEmail	370	email = either (error . ("Error: invalid email address: " ++)) id . validate . fromString <$> optEmail
371		371
372	issuerCert <- readX509 letsEncryptX1CrossSigned	372	issuerCert <- readX509 letsEncryptX3CrossSigned -- TODO: Don't use fixed issuer certificate. It changed before; it will again.
373		373
374	seq email (return ())	374	seq email (return ())
375	createDirectoryIfMissing False domainDir	375	createDirectoryIfMissing False domainDir