]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/letsencrypt/templates/default/check-certificate.erb
projects / chef.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge remote-tracking branch 'github/pull/748'
[chef.git] / cookbooks / letsencrypt / templates / default / check-certificate.erb
diff --git a/cookbooks/letsencrypt/templates/default/check-certificate.erb b/cookbooks/letsencrypt/templates/default/check-certificate.erb
index 8863e9ae8f32382b01e9fc2a956656eea35feccf..319072b6b0ae8b8903d803600ea3e64890ebaf3e 100644 (file)
--- a/cookbooks/letsencrypt/templates/default/check-certificate.erb
+++ b/cookbooks/letsencrypt/templates/default/check-certificate.erb
@@ -33,6 +33,10 @@ if ssl
     puts "Certificate #{domains.first} on #{host} expires at #{certificate.not_after}"
   end
 
+  unless certificate.public_key.is_a?(OpenSSL::PKey::EC)
+    puts "Certificate #{domains.first} on #{host} does not use ECDSA key type"
+  end
+
   digest = OpenSSL::Digest::SHA1.new
   certificate_id = OpenSSL::OCSP::CertificateId.new(certificate, issuer, digest)
   ocsp_request = OpenSSL::OCSP::Request.new.add_certid(certificate_id)
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.