#!/bin/bash
-# $Id$
-# $URL$
#
# priority: 300
#
if [ -f $crt ] ; then
# Check if certificate is valid
- verify=$(openssl verify -CAfile $ca $crt)
# Backup if invalid or if the subject has changed
- if grep -q "error" <<<$verify || \
+ if openssl verify -CAfile $ca $crt | grep -q "error" || \
[ "$(ssl_cname $crt)" != "$cname" ] ; then
backup_file $crt
backup_file $ca
+ backup_file $key
fi
fi