Add acme certificates for all configured hosts in ejabberd_pkix

src/ejabberd_acme.erl

@@ -10,6 +10,8 @@
 	 is_valid_verbose_opt/1,
 	 is_valid_domain_opt/1,
 	 is_valid_revoke_cert/1,
+	 %% Called by ejabberd_pkix
+	 certificate_exists/1,
 	 %% Key Related
 	 generate_key/0,
 	 to_public/1
@@ -539,6 +541,25 @@ domain_certificate_exists(Domain) ->
     lists:keyfind(Domain, 1, Certs).
 
 
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%
+%% Called by ejabberd_pkix to check
+%% if a certificate exists for a 
+%% specific host
+%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+-spec certificate_exists(bitstring()) -> {true, file:filename()} | false.
+certificate_exists(Host) ->
+    Certificates = read_certificates_persistent(),
+    case lists:keyfind(Host, 1 , Certificates) of
+	false ->
+	    false;
+	{Host, #data_cert{path=Path}} ->
+	    {true, Path}
+    end.
+
+
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%
 %% Certificate Request Functions

src/ejabberd_pkix.erl

@@ -204,15 +204,24 @@ add_certfiles(State) ->
       end, State, ejabberd_config:get_myhosts()).
 
 add_certfiles(Host, State) ->
-    lists:foldl(
-      fun(Opt, AccState) ->
-	      case ejabberd_config:get_option({Opt, Host}) of
-		  undefined -> AccState;
-		  Path ->
-		      {_, NewAccState} = add_certfile(Path, AccState),
-		      NewAccState
-	      end
-      end, State, [c2s_certfile, s2s_certfile, domain_certfile]).
+    NewState =
+	lists:foldl(
+	  fun(Opt, AccState) ->
+		  case ejabberd_config:get_option({Opt, Host}) of
+		      undefined -> AccState;
+		      Path ->
+			  {_, NewAccState} = add_certfile(Path, AccState),
+			  NewAccState
+		  end
+	  end, State, [c2s_certfile, s2s_certfile, domain_certfile]),
+    %% Add acme certificate if it exists
+    case ejabberd_acme:certificate_exists(Host) of
+	{true, Path} ->
+	    {_, FinalState} = add_certfile(Path, NewState),
+	    FinalState;
+	false ->
+	    NewState
+    end.
 
 add_certfile(Path, State) ->
     case maps:get(Path, State#state.certs, undefined) of