From 03e82dac080d13d348a8479f8d73b145bb26e3d0 Mon Sep 17 00:00:00 2001
From: Thomas Lange <code@nerdmind.de>
Date: Sat, 24 Dec 2016 09:28:33 +0100
Subject: Delete previously obtained certificates only if Certbot has
 successfully accomplished the challenge and new certificates exists.

---
 painless-le.sh | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/painless-le.sh b/painless-le.sh
index b729017..d88f74f 100755
--- a/painless-le.sh
+++ b/painless-le.sh
@@ -84,13 +84,6 @@ if [ $? != 0 ]; then
 	exit 1
 fi
 
-#===============================================================================
-# Delete previous certificates from the install directory
-#===============================================================================
-[ -f "${INTERMEDIATE}" ]     && rm "${INTERMEDIATE}"
-[ -f "${CERTIFICATE_ONLY}" ] && rm "${CERTIFICATE_ONLY}"
-[ -f "${CERTIFICATE_FULL}" ] && rm "${CERTIFICATE_FULL}"
-
 #===============================================================================
 # Execute defined command BEFORE the ACME challenge is started
 #===============================================================================
@@ -100,7 +93,22 @@ fi
 # Execute Let's Encrypt and accomplish the ACME challenge to get the certificate
 #===============================================================================
 certbot certonly --authenticator standalone --text --server "${LETSENCRYPT_ENDPOINT}" --csr "${REQUESTFILE}" \
---cert-path "${CERTIFICATE_ONLY}" --fullchain-path "${CERTIFICATE_FULL}" --chain-path "${INTERMEDIATE}"
+--cert-path "${CERTIFICATE_ONLY}.$$" --fullchain-path "${CERTIFICATE_FULL}.$$" --chain-path "${INTERMEDIATE}.$$"
+
+#===============================================================================
+# Checking if Certbot has successfully accomplished the ACME challenge
+#===============================================================================
+if [ $? != 0 ]; then
+	echo "$0: Certbot could not successfully accomplish the ACME challenge." >&2
+	exit 1
+fi
+
+#===============================================================================
+# Replace previous certificates with the new obtained certificate files
+#===============================================================================
+[ -f "${INTERMEDIATE}.$$" ]     && mv "${INTERMEDIATE}.$$"     "${INTERMEDIATE}"
+[ -f "${CERTIFICATE_ONLY}.$$" ] && mv "${CERTIFICATE_ONLY}.$$" "${CERTIFICATE_ONLY}"
+[ -f "${CERTIFICATE_FULL}.$$" ] && mv "${CERTIFICATE_FULL}.$$" "${CERTIFICATE_FULL}"
 
 #===============================================================================
 # Adjust the UNIX permissions with owner and group for the new created files
-- 
cgit v1.2.3