starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-04-22 16:28:28 +02:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity

grab root certificate url from certificate, fixes #43

Browse Source
This commit is contained in:
Lukas Schauer
2015-12-14 14:30:37 +01:00
parent 6816216fdb
commit 1eb6f6d287
2 changed files with 5 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
config.sh.example
View File

@@ -34,9 +34,6 @@
# Path to openssl config file (default: <unset> - tries to figure out system default) # Path to openssl config file (default: <unset> - tries to figure out system default)
#OPENSSL_CNF= #OPENSSL_CNF=
# Name of root certificate (default: lets-encrypt-x1-cross-signed.pem)
#ROOTCERT="lets-encrypt-x1-cross-signed.pem"
# Program or function called in certain situations # Program or function called in certain situations
# #
# After generating the challenge-response, or after failed challenge (in this case altname is empty) # After generating the challenge-response, or after failed challenge (in this case altname is empty)

13
letsencrypt.sh
View File

@@ -21,7 +21,6 @@ KEYSIZE="4096"
WELLKNOWN= WELLKNOWN=
PRIVATE_KEY_RENEW="no" PRIVATE_KEY_RENEW="no"
OPENSSL_CNF="$(openssl version -d | cut -d'"' -f2)/openssl.cnf" OPENSSL_CNF="$(openssl version -d | cut -d'"' -f2)/openssl.cnf"
ROOTCERT="lets-encrypt-x1-cross-signed.pem"
CONTACT_EMAIL= CONTACT_EMAIL=
set_defaults() { set_defaults() {
@@ -372,12 +371,10 @@ sign_domain() {
_openssl x509 -text < "${crt_path}" _openssl x509 -text < "${crt_path}"
# Create fullchain.pem # Create fullchain.pem
if [[ -e "${BASEDIR}/certs/${ROOTCERT}" ]]; then echo " + Creating fullchain.pem..."
echo " + Creating fullchain.pem..." cat "${crt_path}" > "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
cat "${crt_path}" > "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem" _request get "$(openssl x509 -in "${BASEDIR}/certs/${domain}/cert-${timestamp}.pem" -noout -text | grep 'CA Issuers - URI:' | cut -d':' -f2-)" >> "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
cat "${BASEDIR}/certs/${ROOTCERT}" >> "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem" ln -sf "fullchain-${timestamp}.pem" "${BASEDIR}/certs/${domain}/fullchain.pem"
ln -sf "fullchain-${timestamp}.pem" "${BASEDIR}/certs/${domain}/fullchain.pem"
fi
# Update remaining symlinks # Update remaining symlinks
if [ ! "${privkey}" = "privkey.pem" ]; then if [ ! "${privkey}" = "privkey.pem" ]; then
@@ -502,7 +499,7 @@ command_help() {
command_env() { command_env() {
echo "# letsencrypt.sh configuration" echo "# letsencrypt.sh configuration"
typeset -p CONFIG typeset -p CONFIG
typeset -p CA LICENSE BASEDIR WELLKNOWN PRIVATE_KEY KEYSIZE OPENSSL_CNF ROOTCERT HOOK RENEW_DAYS PRIVATE_KEY_RENEW CONTACT_EMAIL typeset -p CA LICENSE BASEDIR WELLKNOWN PRIVATE_KEY KEYSIZE OPENSSL_CNF HOOK RENEW_DAYS PRIVATE_KEY_RENEW CONTACT_EMAIL
exit 0 exit 0
} }