choose the best SSL cert from among the installed certificates; use the server...

choose the best SSL cert from among the installed certificates; use the server certificate instead of self-signed certificates

For HTTPS for the non-primary domains, instead of selecting an SSL certificate by expecting it to be in a directory named after the domain name (with special-case lookups
for www domains, and reusing the server certificate where possible), now scan all of the certificates that have been installed and just pick the best to use for each domain.

If no certificate is available, don't create a self-signed certificate anymore. This wasn't ever really necessary. Instead just use the server certificate.

management/daemon.py

@@ -318,9 +318,9 @@ def dns_get_dump():
 @app.route('/ssl/csr/<domain>', methods=['POST'])
 @authorized_personnel_only
 def ssl_get_csr(domain):
-	from web_update import get_domain_ssl_files, create_csr
-	ssl_key, ssl_certificate, ssl_via = get_domain_ssl_files(domain, env)
-	return create_csr(domain, ssl_key, env)
+	from web_update import create_csr
+	ssl_private_key = os.path.join(os.path.join(env["STORAGE_ROOT"], 'ssl', 'ssl_private_key.pem'))
+	return create_csr(domain, ssl_private_key, env)
 
 @app.route('/ssl/install', methods=['POST'])
 @authorized_personnel_only

management/templates/ssl.html

@@ -18,7 +18,7 @@
   </tbody>
 </table>
 
-<p>Advanced:<br>Install a multi-domain or wildcard certificate for the <code>{{hostname}}</code> domain to have it automatically applied to any domains it is valid for.</p>
+<p>A multi-domain or wildcard certificate will be automatically applied to any domains it is valid for.</p>
 
 <h3 id="ssl_install_header">Install SSL Certificate</h3>