From 8cf8f2a483c01e96aeccc4525541db5a59f251bb Mon Sep 17 00:00:00 2001
From: Markus Heimhuber <markus.heimhuber@zazaz.de>
Date: Thu, 16 Mar 2017 19:45:12 +0100
Subject: [PATCH 1/2] Implemented replacing ${DOMAIN} in ACL with current
 domain name.

---
 getssl | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/getssl b/getssl
index 7f3713e..932b791 100755
--- a/getssl
+++ b/getssl
@@ -383,6 +383,8 @@ check_config() { # check the config files for all obvious errors
       DOMAIN_ACL="${ACL[$dn]}"
     fi
 
+    DOMAIN_ACL=$(echo $DOMAIN_ACL | sed -e "s/\${DOMAIN}/${d}/g")
+
     if [[ $VALIDATE_VIA_DNS != "true" ]]; then # using http-01 challenge
       if [[ -z "${DOMAIN_ACL}" ]]; then
         info "${DOMAIN}: ACL location not specified for domain $d in $DOMAIN_DIR/getssl.cfg"
@@ -1815,6 +1817,8 @@ for d in $alldomains; do
     DOMAIN_ACL="${ACL[$dn]}"
   fi
 
+  DOMAIN_ACL=$(echo $DOMAIN_ACL | sed -e "s/\${DOMAIN}/${d}/g")
+
   # request a challenge token from ACME server
   request="{\"resource\":\"new-authz\",\"identifier\":{\"type\":\"dns\",\"value\":\"$d\"}}"
   send_signed_request "$URL_new_authz" "$request"

From 00467b6207b81207802545dd5fcbb3f5453a5966 Mon Sep 17 00:00:00 2001
From: Markus Heimhuber <markus.heimhuber@zazaz.de>
Date: Thu, 16 Mar 2017 19:52:27 +0100
Subject: [PATCH 2/2] Changed version to 2.11 and added changes to log.

---
 getssl | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/getssl b/getssl
index 932b791..1dd5a8f 100755
--- a/getssl
+++ b/getssl
@@ -184,10 +184,11 @@
 # 2017-01-30 issue #243 compatibility with bash 3.0 (2.08)
 # 2017-01-30 issue #243 additional compatibility with bash 3.0 (2.09)
 # 2017-02-18 add OCSP Must-Staple to the domain csr generation (2.10)
+# 2017-03-16 implemented replacing ${DOMAIN} in ACL with current domain name (2.11)
 # ----------------------------------------------------------------------------------------
 
 PROGNAME=${0##*/}
-VERSION="2.10"
+VERSION="2.11"
 
 # defaults
 ACCOUNT_KEY_LENGTH=4096