From 1c904b2ed3d83b56ec7650e981c156a9df63de4e Mon Sep 17 00:00:00 2001
From: Kim Alvefur <zash@zash.se>
Date: Wed, 22 Dec 2021 18:34:11 +0100
Subject: util.prosodyctl.cert: Copy SAN/wildcard certs only once

---
 util/prosodyctl/cert.lua | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'util/prosodyctl')

diff --git a/util/prosodyctl/cert.lua b/util/prosodyctl/cert.lua
index d37bb82c..4461182d 100644
--- a/util/prosodyctl/cert.lua
+++ b/util/prosodyctl/cert.lua
@@ -223,10 +223,14 @@ function cert_commands.import(arg)
 	local imported = {};
 	for _, host in ipairs(hostnames) do
 		local paths = cm.find_cert_in_index(files_by_name, host);
-		if paths then
+		if paths and not imported[paths.certificate] then
+			-- One certificate, many mames!
+			table.insert(imported, host);
+		elseif paths then
 			copy(paths.certificate, cert_basedir .. "/" .. host .. ".crt", nil, owner, group);
 			copy(paths.key, cert_basedir .. "/" .. host .. ".key", "0377", owner, group);
 			table.insert(imported, host);
+			imported[paths.certificate] = true;
 		else
 			-- TODO Say where we looked
 			pctl.show_warning("No certificate for host "..host.." found :(");
-- 
cgit v1.2.3