From 8963dcc128c739e012d6131639a79b35129d8b84 Mon Sep 17 00:00:00 2001 From: Riddhesh Sanghvi Date: Tue, 30 Jun 2026 15:47:25 +0530 Subject: [PATCH] fix(ssl): block ssl-verify on non-letsencrypt sites --- src/helper/class-ee-site.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/helper/class-ee-site.php b/src/helper/class-ee-site.php index 08ad268e..5158a6fb 100644 --- a/src/helper/class-ee-site.php +++ b/src/helper/class-ee-site.php @@ -1678,6 +1678,11 @@ public function ssl_verify( $args = [], $assoc_args = [], $www_or_non_www = fals $this->site_data = get_site_info( $args ); } + // SSL verification issues a Let's Encrypt cert via ACME, which is meaningless for non-LE certs and would clobber custom/self/inherited ones. + if ( 'le' !== $this->site_data['site_ssl'] ) { + EE::error( 'SSL verification is only applicable to Let\'s Encrypt certificates.' ); + } + if ( ! isset( $this->le_mail ) ) { $this->le_mail = \EE::get_config( 'le-mail' ) ?? \EE::input( 'Enter your mail id: ' ); }