[distorted-letsencrypt] / bin / make-cert

#! /bin/sh
set -e
usage=" TAG"
. "${0%/*}/../config.sh"
. "$home/lib/lib.sh"

run_as_user "$@"

## Pick out the certificate tag.
case $# in 0) fail_usage ;; esac
tag=$1; shift
case $# in 0) ;; *) fail_usage ;; esac

prepare_tmp $tag

## Get started.
cert=$home/cert/$tag
cd $cert
openssl req -in req -out $tmp/req.der -outform der
sans=$(openssl req -in req -text -noout |
	sed -n '
	  x
	  /^ *X509v3 Subject Alternative Name: $/ {
	    x
	    s/ *DNS://g
	    s/,/ /g
	    p
	    x
	  }')
make_le_conf $sans

cd $tmp
$home/letsencrypt/letsencrypt-auto -c "$tmp/le.conf" --text \
	-a webroot --csr $tmp/req.der certonly

cd $cert
cat $tmp/0001_chain.pem $home/le-root.cert >full-chain.new
mv full-chain.new full-chain
Commit	Line	Data
55799f78 MW	1	#! /bin/sh
55799f78 MW	2	set -e
93005620	3	usage=" TAG"
55799f78 MW	4	. "${0%/*}/../config.sh"
	5	. "$home/lib/lib.sh"
	6
	7	run_as_user "$@"
	8
	9	## Pick out the certificate tag.
	10	case $# in 0) fail_usage ;; esac
	11	tag=$1; shift
	12	case $# in 0) ;; *) fail_usage ;; esac
	13
	14	prepare_tmp $tag
	15
	16	## Get started.
08eee2f6 MW	17	cert=$home/cert/$tag
08eee2f6 MW	18	cd $cert
55799f78 MW	19	openssl req -in req -out $tmp/req.der -outform der
	20	sans=$(openssl req -in req -text -noout \|
	21	sed -n '
	22	x
	23	/^ *X509v3 Subject Alternative Name: $/ {
	24	x
	25	s/ *DNS://g
	26	s/,/ /g
	27	p
	28	x
	29	}')
	30	make_le_conf $sans
	31
08eee2f6 MW	32	cd $tmp
	33	$home/letsencrypt/letsencrypt-auto -c "$tmp/le.conf" --text \
	34	-a webroot --csr $tmp/req.der certonly
	35
	36	cd $cert
	37	cat $tmp/0001_chain.pem $home/le-root.cert >full-chain.new
	38	mv full-chain.new full-chain