Bot Updating Package Versions

Merge pull request #613 from linuxserver/cert-check
remove obsolete old cert check logic
2026-06-04 08:26:39 +09:00 · 2026-06-01 16:09:07 +00:00 · 2026-06-01 12:02:02 -04:00 · 2026-06-01 11:04:38 -04:00
4 changed files with 4 additions and 14 deletions
@@ -433,6 +433,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64

 ## Versions

+* **01.06.26:** - Remove obsolete old cert check logic.
 * **23.01.26:** - Reorder init to fix proxy conf version checks.
 * **21.12.25:** - Add support for hetzner-cloud dns validation.
 * **04.11.25:** - Switch default Gandi credentials from API Key to Token, allow DNS propagation time for Azure DNS plugin.
@@ -210,7 +210,7 @@ libxau                          1.0.12-r0             apk
 libxcb                          1.17.0-r0             apk                      
 libxdmcp                        1.1.5-r1              apk                      
 libxext                         1.3.6-r2              apk                      
-libxml2                         2.13.9-r0             apk                      
+libxml2                         2.13.9-r1             apk                      
 libxpm                          3.5.19-r0             apk                      
 libxslt                         1.1.43-r3             apk                      
 libxt                           1.3.1-r0              apk                      
@@ -315,7 +315,7 @@ php84-xmlwriter                 8.4.16-r0             apk
 php84-xsl                       8.4.16-r0             apk                      
 php84-zip                       8.4.16-r0             apk                      
 pinentry                        1.3.1-r0              apk                      
-pip                             26.1.1                python                   
+pip                             26.1.2                python                   
 pkb-client                      2.3.1                 python                   
 platformdirs                    4.4.0                 python                   
 popt                            1.19-r4               apk                      
@@ -219,6 +219,7 @@ init_diagram: |
  "swag:latest" <- Base Images
 # changelog
 changelogs:
+  - {date: "01.06.26:", desc: "Remove obsolete old cert check logic."}
  - {date: "23.01.26:", desc: "Reorder init to fix proxy conf version checks."}
  - {date: "21.12.25:", desc: "Add support for hetzner-cloud dns validation."}
  - {date: "04.11.25:", desc: "Switch default Gandi credentials from API Key to Token, allow DNS propagation time for Azure DNS plugin."}
@@ -206,18 +206,6 @@ fi
 # saving new variables
 echo -e "ORIGURL=\"${URL}\" ORIGSUBDOMAINS=\"${SUBDOMAINS}\" ORIGONLY_SUBDOMAINS=\"${ONLY_SUBDOMAINS}\" ORIGEXTRA_DOMAINS=\"${EXTRA_DOMAINS}\" ORIGVALIDATION=\"${VALIDATION}\" ORIGDNSPLUGIN=\"${DNSPLUGIN}\" ORIGPROPAGATION=\"${PROPAGATION}\" ORIGSTAGING=\"${STAGING}\" ORIGCERTPROVIDER=\"${CERTPROVIDER}\" ORIGEMAIL=\"${EMAIL}\"" >/config/.donoteditthisfile.conf

-# Check if the cert is using the old LE root cert, revoke and regen if necessary
-if [[ -f "/config/keys/letsencrypt/chain.pem" ]] && { [[ "${CERTPROVIDER}" == "letsencrypt" ]] || [[ "${CERTPROVIDER}" == "" ]]; } && [[ "${STAGING}" != "true" ]] && ! openssl x509 -in /config/keys/letsencrypt/chain.pem -noout -issuer | grep -q "ISRG Root X"; then
-    echo "The cert seems to be using the old LE root cert, which is no longer valid. Deleting and revoking."
-    REV_ACMESERVER=("https://acme-v02.api.letsencrypt.org/directory")
-    if [[ -f /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem ]]; then
-        certbot revoke --config-dir /config/etc/letsencrypt --logs-dir /config/log/letsencrypt --work-dir /tmp/letsencrypt --config /config/etc/letsencrypt/cli.ini --non-interactive --cert-path /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem --server "${REV_ACMESERVER[@]}" || true
-    else
-        certbot revoke --config-dir /config/etc/letsencrypt --logs-dir /config/log/letsencrypt --work-dir /tmp/letsencrypt --config /config/etc/letsencrypt/cli.ini --non-interactive --cert-name "${ORIGDOMAIN}" --server "${REV_ACMESERVER[@]}" || true
-    fi
-    rm -rf /config/etc/letsencrypt/{accounts,archive,live,renewal}
-fi
-
 # if zerossl is selected or staging is set to true, use the relevant server
 if [[ "${CERTPROVIDER}" = "zerossl" ]] && [[ "${STAGING}" = "true" ]]; then
    echo "ZeroSSL does not support staging mode, ignoring STAGING variable"
Author	SHA1	Message	Date
LinuxServer-CI	32c26223dd	Bot Updating Package Versions	2026-06-01 16:09:07 +00:00
aptalca	60161a3baf	Merge pull request #613 from linuxserver/cert-check remove obsolete old cert check logic	2026-06-01 12:02:02 -04:00
aptalca	321837be0d	remove obsolete old cert check logic	2026-06-01 11:04:38 -04:00