starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-03-17 23:03:47 +01:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity

check certificate to detect corruption

Browse Source
This commit is contained in:
Simon Ruderich
2015-12-08 16:39:34 +01:00
parent 43b00611b1
commit 10cf229981
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
letsencrypt.sh
View File

@@ -272,11 +272,14 @@ sign_domain() {
csr64="$(openssl req -in "${BASEDIR}/certs/${domain}/cert-${timestamp}.csr" -outform DER | urlbase64)"
crt64="$(signed_request "${CA_NEW_CERT}" '{"resource": "new-cert", "csr": "'"${csr64}"'"}' | openssl base64 -e)"
printf -- '-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n' "${crt64}" > "${BASEDIR}/certs/${domain}/cert-${timestamp}.pem"
# try to load the certificate to detect corruption
echo " + Checking certificate..." >&2
_openssl x509 -text < "${crt_path}"
# Create fullchain.pem
if [[ -e "${BASEDIR}/certs/${ROOTCERT}" ]] || [[ -e "${SCRIPTDIR}/certs/${ROOTCERT}" ]]; then
echo " + Creating fullchain.pem..."
cat "${BASEDIR}/certs/${domain}/cert-${timestamp}.pem" > "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
cat "${crt_path}" > "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
if [[ -e "${BASEDIR}/certs/${ROOTCERT}" ]]; then
cat "${BASEDIR}/certs/${ROOTCERT}" >> "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
else