core.certmanager: Ensure key exists for fullchain
Since 5cd075ed4fd3 any file matching "fullchain" would be considered for
use.
Dehydrated stores fullchain certs in e.g, fullchain-1641171024.pem and a
symlink fullchain.pem pointing at the latest one. However the current
rule for finding a corresponding private key would try
privkey-1641171024.pem in the same directory, which may not exist.
--- a/core/certmanager.lua Sun Feb 20 00:24:18 2022 +0100
+++ b/core/certmanager.lua Mon Feb 21 08:54:39 2022 +0100
@@ -130,7 +130,7 @@
if f then
-- TODO look for chained certificates
local firstline = f:read();
- if firstline == "-----BEGIN CERTIFICATE-----" then
+ if firstline == "-----BEGIN CERTIFICATE-----" and lfs.attributes(find_matching_key(full), "mode") == "file" then
f:seek("set")
local cert = ssl.loadcertificate(f:read("*a"))
-- TODO if more than one cert is found for a name, the most recently