From 38fb94c52fd219c3013bd97a09fd1062df2de455 Mon Sep 17 00:00:00 2001
From: jmsilva <30354367+jpmsilva@users.noreply.github.com>
Date: Tue, 14 Nov 2023 00:03:49 +0000
Subject: [PATCH] Proper handling of wildcard checks.

Currently, if a wildcard certificate is used, the check script always returns false due to the way grep is used to search for the corresponding certificate DNS name. The certificate name is handled as a regular expression. This always fails, and hence the formula always runs the create-initial-cert-* state, even if the certificate was previously created.
---
 letsencrypt/files/check_letsencrypt_cert.sh.jinja | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/letsencrypt/files/check_letsencrypt_cert.sh.jinja b/letsencrypt/files/check_letsencrypt_cert.sh.jinja
index b0d639d..761aeec 100644
--- a/letsencrypt/files/check_letsencrypt_cert.sh.jinja
+++ b/letsencrypt/files/check_letsencrypt_cert.sh.jinja
@@ -5,7 +5,7 @@ CERT_NAME=$1
 shift
 for DOMAIN in "$@"
 do
- openssl x509 -in {{ letsencrypt.config_dir.path }}/live/$CERT_NAME/cert.pem -noout -text | grep DNS:${DOMAIN} > /dev/null || exit 1
+ openssl x509 -in {{ letsencrypt.config_dir.path }}/live/$CERT_NAME/cert.pem -noout -text | grep -F DNS:${DOMAIN} > /dev/null || exit 1
 done
 CERT=$(date -d "$(openssl x509 -in {{ letsencrypt.config_dir.path }}/live/$CERT_NAME/cert.pem -enddate -noout | cut -d'=' -f2)" "+%s")
 CURRENT=$(date "+%s")
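Review bot: `grep -F DNS:${DOMAIN}` on the added line is still a substring match, so the check can report coverage the certificate does not have: a requested name that is a prefix of a SAN entry (constructed example: `example.co` against `DNS:example.com`) passes, and the formula would then skip issuing a certificate for it. Comparing whole SAN entries closes that gap, e.g. `... -noout -text | tr ',' '\n' | tr -d ' ' | grep -qxF "DNS:${DOMAIN}" || exit 1`. The expansion is also unquoted, so a wildcard such as `*.example.com` is subject to pathname expansion and word splitting before grep sees it; quoting `"DNS:${DOMAIN}"` and `"$CERT_NAME"` in the `-in` path avoids that. The expiry check that follows the loop continues outside this hunk and is not reviewed here.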