Merge branch 'master' into master

cli/Valet/Brew.php

@@ -129,7 +129,8 @@ function restartService($services)
         $services = is_array($services) ? $services : func_get_args();
 
         foreach ($services as $service) {
-            $this->cli->quietly('sudo brew services restart '.$service);
+            $this->cli->quietly('sudo brew services stop '.$service);
+            $this->cli->quietly('sudo brew services start '.$service);
         }
     }
 

cli/Valet/Nginx.php

@@ -122,7 +122,7 @@ function rewriteSecureNginxFiles()
      */
     function restart()
     {
-        $this->cli->quietly('sudo brew services restart '. $this->brew->nginxServiceName());
+        $this->brew->restartService($this->brew->nginxServiceName());
     }
 
     /**

cli/Valet/PhpFpm.php

@@ -75,8 +75,6 @@ function updateConfiguration()
      */
     function restart()
     {
-        $this->stop();
-
         $this->brew->restartLinkedPhp();
     }
 

cli/Valet/Site.php

@@ -151,12 +151,15 @@ function createCertificate($url)
         $keyPath = $this->certificatesPath().'/'.$url.'.key';
         $csrPath = $this->certificatesPath().'/'.$url.'.csr';
         $crtPath = $this->certificatesPath().'/'.$url.'.crt';
+        $confPath = $this->certificatesPath().'/'.$url.'.conf';
 
+        $this->buildCertificateConf($confPath, $url);
         $this->createPrivateKey($keyPath);
-        $this->createSigningRequest($url, $keyPath, $csrPath);
+        $this->createSigningRequest($url, $keyPath, $csrPath, $confPath);
 
         $this->cli->runAsUser(sprintf(
-            'openssl x509 -req -days 365 -in %s -signkey %s -out %s', $csrPath, $keyPath, $crtPath
+            'openssl x509 -req -days 365 -in %s -signkey %s -out %s -extensions v3_req -extfile %s',
+            $csrPath, $keyPath, $crtPath, $confPath
         ));
 
         $this->trustCertificate($crtPath);
@@ -179,11 +182,11 @@ function createPrivateKey($keyPath)
      * @param  string  $keyPath
      * @return void
      */
-    function createSigningRequest($url, $keyPath, $csrPath)
+    function createSigningRequest($url, $keyPath, $csrPath, $confPath)
     {
         $this->cli->runAsUser(sprintf(
-            'openssl req -new -subj "/C=/ST=/O=/localityName=/commonName=%s/organizationalUnitName=/emailAddress=/" -key %s -out %s -passin pass:',
-            $url, $keyPath, $csrPath
+            'openssl req -new -key %s -out %s -subj "/C=/ST=/O=/localityName=/commonName=*.%s/organizationalUnitName=/emailAddress=/" -config %s -passin pass:',
+            $keyPath, $csrPath, $url, $confPath
         ));
     }
 
@@ -200,6 +203,18 @@ function trustCertificate($crtPath)
         ));
     }
 
+    /**
+     * Build the SSL config for the given URL.
+     *
+     * @param  string  $url
+     * @return string
+     */
+    function buildCertificateConf($path, $url)
+    {
+        $config = str_replace('VALET_DOMAIN', $url, $this->files->get(__DIR__.'/../stubs/openssl.conf'));
+        $this->files->putAsUser($path, $config);
+    }
+
     /**
      * Build the TLS secured Nginx server for the given URL.
      *
@@ -228,6 +243,7 @@ function unsecure($url)
         if ($this->files->exists($this->certificatesPath().'/'.$url.'.crt')) {
             $this->files->unlink(VALET_HOME_PATH.'/Nginx/'.$url);
 
+            $this->files->unlink($this->certificatesPath().'/'.$url.'.conf');
             $this->files->unlink($this->certificatesPath().'/'.$url.'.key');
             $this->files->unlink($this->certificatesPath().'/'.$url.'.csr');
             $this->files->unlink($this->certificatesPath().'/'.$url.'.crt');