diff --git a/src/helper/class-ee-site.php b/src/helper/class-ee-site.php index 08ad268e..ae3bfd2f 100644 --- a/src/helper/class-ee-site.php +++ b/src/helper/class-ee-site.php @@ -420,6 +420,12 @@ protected function delete_site( $level, $site_url, $site_fs_path, $db_data = [] * [--wildcard] * : Enable wildcard SSL on site. * + * [--ssl-key=] + * : Path to the SSL key file. Required with --ssl=custom. + * + * [--ssl-crt=] + * : Path to the SSL crt file. Required with --ssl=custom. + * * [--php=] * : PHP version for site. Currently only supports PHP 5.6, 7.0, 7.2, 7.3, 7.4, 8.0, 8.1, 8.2, 8.3, 8.4, and 8.5. * --- @@ -471,6 +477,9 @@ protected function delete_site( $level, $site_url, $site_fs_path, $db_data = [] * # Add self-signed SSL to non-ssl site * $ ee site update example.com --ssl=self * + * # Add custom SSL to non-ssl site + * $ ee site update example.com --ssl=custom --ssl-key=/path/to/site.key --ssl-crt=/path/to/site.crt + * * # Update PHP version of site. * $ ee site update example.com --php=8.0 * @@ -937,6 +946,13 @@ protected function update_ssl( $assoc_args ) { $this->site_data['site_ssl'] = $ssl; if ( $ssl ) { + // www_ssl_wrapper() skips cert work for custom SSL, so mirror the create + // path here: validate the provided key/crt and copy them into the + // nginx-proxy certs dir before enabling HTTPS, else the site serves a wrong cert. + if ( 'custom' === $ssl ) { + $this->validate_site_custom_ssl( get_flag_value( $assoc_args, 'ssl-key' ), get_flag_value( $assoc_args, 'ssl-crt' ) ); + $this->custom_site_ssl(); + } $this->www_ssl_wrapper( [ 'nginx' ] ); } else { $this->disable_ssl();