From 2e3d9c2028bcae2ede39147ad0ac68f3a9f0eb25 Mon Sep 17 00:00:00 2001
From: Jamie Cameron <jcameron@webmin.com>
Date: Sat, 11 Mar 2023 16:59:47 -0800
Subject: [PATCH] Do the same thing with the SSL cert for Nginx restores that
 we do for Apache restores

---
 virtual_feature.pl | 40 ++++++++++++++++++++++------------------
 1 file changed, 22 insertions(+), 18 deletions(-)

diff --git a/virtual_feature.pl b/virtual_feature.pl
index bd81596..1da5730 100644
--- a/virtual_feature.pl
+++ b/virtual_feature.pl
@@ -2584,24 +2584,28 @@ sub feature_restore
 	&$virtual_server::second_print($virtual_server::text{'setup_done'});
 	}
 
-# Restore SSL cert and key
-my $cert = $d->{'ssl_cert'} || &feature_get_web_ssl_file($d, 'cert');
-my $key = $d->{'ssl_key'} || &feature_get_web_ssl_file($d, 'key');
-my $ca = $d->{'ssl_chain'} || &feature_get_web_ssl_file($d, 'ca');
-if ($cert && -r $file."_cert") {
-	&lock_file($cert);
-	&virtual_server::write_ssl_file_contents($d, $cert, $file."_cert");
-	&unlock_file($cert);
-	}
-if ($key && -r $file."_key") {
-	&lock_file($key);
-	&virtual_server::write_ssl_file_contents($d, $key, $file."_key");
-	&unlock_file($key);
-	}
-if ($ca && -r $file."_ca") {
-	&lock_file($ca);
-	&virtual_server::write_ssl_file_contents($d, $ca, $file."_ca");
-	&unlock_file($ca);
+# Restore SSL cert and key, unless shared
+if (!$d->{'ssl_same'}) {
+	my $cert = $d->{'ssl_cert'} || &feature_get_web_ssl_file($d, 'cert');
+	my $key = $d->{'ssl_key'} || &feature_get_web_ssl_file($d, 'key');
+	my $ca = $d->{'ssl_chain'} || &feature_get_web_ssl_file($d, 'ca');
+	if ($cert && -r $file."_cert") {
+		&lock_file($cert);
+		&virtual_server::write_ssl_file_contents($d, $cert, $file."_cert");
+		&unlock_file($cert);
+		}
+	if ($key && -r $file."_key") {
+		&lock_file($key);
+		&virtual_server::write_ssl_file_contents($d, $key, $file."_key");
+		&unlock_file($key);
+		}
+	if ($ca && -r $file."_ca") {
+		&lock_file($ca);
+		&virtual_server::write_ssl_file_contents($d, $ca, $file."_ca");
+		&unlock_file($ca);
+		}
+	&virtual_server::refresh_ssl_cert_expiry($d);
+	&virtual_server::sync_combined_ssl_cert($d);
 	}
 
 return 1;