diff --git a/server/private/routers/certificates/createCertificate.ts b/server/private/routers/certificates/createCertificate.ts index 3aa0c6873..4f7bb7fe8 100644 --- a/server/private/routers/certificates/createCertificate.ts +++ b/server/private/routers/certificates/createCertificate.ts @@ -15,7 +15,6 @@ import { Certificate, certificates, db, domains } from "@server/db"; import logger from "@server/logger"; import { Transaction } from "@server/db"; import { eq, or, and, like } from "drizzle-orm"; -import privateConfig from "#private/lib/config"; /** * Checks if a certificate exists for the given domain. @@ -27,10 +26,6 @@ export async function createCertificate( domain: string, trx: Transaction | typeof db ) { - if (!privateConfig.getRawPrivateConfig().flags.use_pangolin_dns) { - return; - } - const [domainRecord] = await trx .select() .from(domains) diff --git a/server/private/routers/certificates/getCertificate.ts b/server/private/routers/certificates/getCertificate.ts index c3a590193..9e434b3e0 100644 --- a/server/private/routers/certificates/getCertificate.ts +++ b/server/private/routers/certificates/getCertificate.ts @@ -41,8 +41,9 @@ async function query(domainId: string, domain: string) { } let existing: any[] = []; - if (domainRecord.type == "ns") { + if (domainRecord.type == "ns" || domainRecord.type == "wildcard") { // the manual "wildcard" domains can have wildcard certs const domainLevelDown = domain.split(".").slice(1).join("."); + const wildcardPrefixed = `*.${domainLevelDown}`; existing = await db .select({ @@ -64,7 +65,8 @@ async function query(domainId: string, domain: string) { eq(certificates.wildcard, true), // only NS domains can have wildcard certs or( eq(certificates.domain, domain), - eq(certificates.domain, domainLevelDown) + eq(certificates.domain, domainLevelDown), + eq(certificates.domain, wildcardPrefixed) ) ) );