starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-04-24 17:28:29 +02:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity

create fullchain.pem

Browse Source
This commit is contained in:
Lukas Schauer
2015-12-07 12:50:31 +01:00
parent 3cc587c224
commit 329acb58b5
4 changed files with 44 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -2,4 +2,5 @@ private_key.pem
domains.txt domains.txt
config.sh config.sh
certs/* certs/*
!certs/lets-encrypt-x1-cross-signed.pem
.acme-challenges/* .acme-challenges/*

27
certs/lets-encrypt-x1-cross-signed.pem Normal file
View File

@@ -0,0 +1,27 @@
-----BEGIN CERTIFICATE-----
MIIEqDCCA5CgAwIBAgIRAJgT9HUT5XULQ+dDHpceRL0wDQYJKoZIhvcNAQELBQAw
PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
Ew5EU1QgUm9vdCBDQSBYMzAeFw0xNTEwMTkyMjMzMzZaFw0yMDEwMTkyMjMzMzZa
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzTDPBa5S5Ht3JdN4OzaGMw6tc1Jhkl4b2+NfFwki+3uEtB
BaupnjUIWOyxKsRohwuj43Xk5vOnYnG6eYFgH9eRmp/z0HhncchpDpWRz/7mmelg
PEjMfspNdxIknUcbWuu57B43ABycrHunBerOSuu9QeU2mLnL/W08lmjfIypCkAyG
dGfIf6WauFJhFBM/ZemCh8vb+g5W9oaJ84U/l4avsNwa72sNlRZ9xCugZbKZBDZ1
gGusSvMbkEl4L6KWTyogJSkExnTA0DHNjzE4lRa6qDO4Q/GxH8Mwf6J5MRM9LTb4
4/zyM2q5OTHFr8SNDR1kFjOq+oQpttQLwNh9w5MCAwEAAaOCAZIwggGOMBIGA1Ud
EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMH8GCCsGAQUFBwEBBHMwcTAy
BggrBgEFBQcwAYYmaHR0cDovL2lzcmcudHJ1c3RpZC5vY3NwLmlkZW50cnVzdC5j
b20wOwYIKwYBBQUHMAKGL2h0dHA6Ly9hcHBzLmlkZW50cnVzdC5jb20vcm9vdHMv
ZHN0cm9vdGNheDMucDdjMB8GA1UdIwQYMBaAFMSnsaR7LHH62+FLkHX/xBVghYkQ
MFQGA1UdIARNMEswCAYGZ4EMAQIBMD8GCysGAQQBgt8TAQEBMDAwLgYIKwYBBQUH
AgEWImh0dHA6Ly9jcHMucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcwPAYDVR0fBDUw
MzAxoC+gLYYraHR0cDovL2NybC5pZGVudHJ1c3QuY29tL0RTVFJPT1RDQVgzQ1JM
LmNybDATBgNVHR4EDDAKoQgwBoIELm1pbDAdBgNVHQ4EFgQUqEpqYwR93brm0Tm3
pkVl7/Oo7KEwDQYJKoZIhvcNAQELBQADggEBANHIIkus7+MJiZZQsY14cCoBG1hd
v0J20/FyWo5ppnfjL78S2k4s2GLRJ7iD9ZDKErndvbNFGcsW+9kKK/TnY21hp4Dd
ITv8S9ZYQ7oaoqs7HwhEMY9sibED4aXw09xrJZTC9zK1uIfW6t5dHQjuOWv+HHoW
ZnupyxpsEUlEaFb+/SCI4KCSBdAsYxAcsHYI5xxEI4LutHp6s3OT2FuO90WfdsIk
6q78OMSdn875bNjdBYAqxUp2/LEIHfDBkLoQz0hFJmwAbYahqKaLn73PAAm1X2kj
f1w8DdnkabOLGeOVcj9LQ+s67vBykx4anTjURkbqZslUEUsn2k5xeua2zUk=
-----END CERTIFICATE-----

1
config.sh.example
View File

@@ -5,6 +5,7 @@
#KEYSIZE=4096 #KEYSIZE=4096
#BASEDIR=./ #BASEDIR=./
#OPENSSL_CNF=.... # system default (see openssl version -d) #OPENSSL_CNF=.... # system default (see openssl version -d)
#ROOTCERT="lets-encrypt-x1-cross-signed.pem"
# program called before responding to the challenge, arguments: path/to/token # program called before responding to the challenge, arguments: path/to/token
# token; can be used to e.g. upload the challenge if this script doesn't run # token; can be used to e.g. upload the challenge if this script doesn't run

15
letsencrypt.sh
View File

@@ -15,6 +15,7 @@ PRIVATE_KEY_RENEW=no
SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
BASEDIR="${SCRIPTDIR}" BASEDIR="${SCRIPTDIR}"
OPENSSL_CNF="$(openssl version -d | cut -d'"' -f2)/openssl.cnf" OPENSSL_CNF="$(openssl version -d | cut -d'"' -f2)/openssl.cnf"
ROOTCERT="lets-encrypt-x1-cross-signed.pem"
# If exists load config from same directory as this script # If exists load config from same directory as this script
if [[ -e "${BASEDIR}/config.sh" ]]; then if [[ -e "${BASEDIR}/config.sh" ]]; then
@@ -196,6 +197,20 @@ sign_domain() {
printf -- '-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n' "${crt64}" > "${BASEDIR}/certs/${domain}/cert-${timestamp}.pem" printf -- '-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n' "${crt64}" > "${BASEDIR}/certs/${domain}/cert-${timestamp}.pem"
rm -f "${BASEDIR}/certs/${domain}/cert.pem" rm -f "${BASEDIR}/certs/${domain}/cert.pem"
ln -s "cert-${timestamp}.pem" "${BASEDIR}/certs/${domain}/cert.pem" ln -s "cert-${timestamp}.pem" "${BASEDIR}/certs/${domain}/cert.pem"
# Create fullchain.pem
if [[ -e "${BASEDIR}/certs/${ROOTCERT}" ]] || [[ -e "${SCRIPTDIR}/certs/${ROOTCERT}" ]]; then
echo " + Creating fullchain.pem..."
if [[ -e "${BASEDIR}/certs/${ROOTCERT}" ]]; then
cat "${BASEDIR}/certs/${ROOTCERT}" > "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
else
cat "${SCRIPTDIR}/certs/${ROOTCERT}" > "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
fi
cat "${BASEDIR}/certs/${domain}/cert-${timestamp}.pem" >> "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
rm -f "${BASEDIR}/certs/${domain}/fullchain.pem"
ln -s "fullchain-${timestamp}.pem" "${BASEDIR}/certs/${domain}/fullchain.pem"
fi
echo " + Done!" echo " + Done!"
} }