Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 22 additions & 1 deletion backend/internal/certificate.js
Original file line number Diff line number Diff line change
Expand Up @@ -595,7 +595,10 @@ const internalCertificate = {
* @returns {Promise}
*/
upload: async (access, data) => {
const row = await internalCertificate.get(access, { id: data.id });
const row = await internalCertificate.get(access, {
id: data.id,
expand: ["proxy_hosts", "redirection_hosts", "dead_hosts", "streams"],
});
if (row.provider !== "other") {
throw new error.ValidationError("Cannot upload certificates for this type of provider");
}
Expand All @@ -620,6 +623,24 @@ const internalCertificate = {

certificate.meta = row.meta;
await internalCertificate.writeCustomCert(certificate);

// Reload nginx when the certificate is in use, so the new files are served
const inUseCount =
(row.proxy_hosts?.length || 0) +
(row.redirection_hosts?.length || 0) +
(row.dead_hosts?.length || 0) +
(row.streams?.length || 0);
if (inUseCount > 0) {
try {
await internalNginx.reload();
} catch (err) {
throw new error.ConfigurationError(
`The certificate was saved but nginx could not be reloaded and may still be serving the previous certificate: ${err.message}`,
err,
);
}
}

return _.pick(row.meta, internalCertificate.allowedSslFiles);
},

Expand Down
17 changes: 15 additions & 2 deletions frontend/src/hooks/useCertificate.ts
Original file line number Diff line number Diff line change
@@ -1,11 +1,24 @@
import { useQuery } from "@tanstack/react-query";
import { type Certificate, getCertificate } from "src/api/backend";

const fetchCertificate = (id: number) => {
const fetchCertificate = (id: number | "new") => {
if (id === "new") {
return Promise.resolve({
id: 0,
createdOn: "",
modifiedOn: "",
ownerUserId: 0,
provider: "",
niceName: "",
domainNames: [],
expiresOn: "",
meta: {},
} as Certificate);
}
return getCertificate(id, ["owner"]);
};

const useCertificate = (id: number, options = {}) => {
const useCertificate = (id: number | "new", options = {}) => {
return useQuery<Certificate, Error>({
queryKey: ["certificate", id],
queryFn: () => fetchCertificate(id),
Expand Down
3 changes: 3 additions & 0 deletions frontend/src/locale/src/en.json
Original file line number Diff line number Diff line change
Expand Up @@ -176,6 +176,9 @@
"certificates.custom": {
"defaultMessage": "Custom Certificate"
},
"certificates.custom.domain-changed": {
"defaultMessage": "The uploaded certificate is for {newDomain} but this certificate currently covers {domains}. Hosts using this certificate may no longer match it. Save again to confirm the change."
},
"certificates.custom.warning": {
"defaultMessage": "Key files protected with a passphrase are not supported."
},
Expand Down
Loading