[distorted-letsencrypt] / bin / make-cert

#! /bin/sh
set -e
usage=" TAG"
prog=$(readlink -e "$0")
. "${prog%/*}/../config.sh"
. "$home/lib/lib.sh"

run_as_user "$@"

## Pick out the certificate tag.
case $# in 0) fail_usage ;; esac
tag=$1; shift
case $# in 0) ;; *) fail_usage ;; esac

prepare_tmp $tag

## Get started.
cert=$home/cert/$tag
cd $cert
openssl req -in req -out $tmp/req.der -outform der
sans=$(openssl req -in req -text -noout |
	sed -n '
	  x
	  /^ *X509v3 Subject Alternative Name: $/ {
	    x
	    s/ *DNS://g
	    s/,/ /g
	    p
	    x
	  }')
make_le_conf $sans

cd $tmp
$home/letsencrypt/letsencrypt-auto -c "$tmp/le.conf" --text \
	-a webroot --csr $tmp/req.der certonly

cd $cert
cat $tmp/0001_chain.pem $home/le-root.cert >full-chain.new
mv full-chain.new full-chain
Commit	Line	Data
55799f78 MW	1	#! /bin/sh
55799f78 MW	2	set -e
93005620	3	usage=" TAG"
c67523fe MW	4	prog=$(readlink -e "$0")
c67523fe MW	5	. "${prog%/*}/../config.sh"
55799f78 MW	6	. "$home/lib/lib.sh"
	7
	8	run_as_user "$@"
	9
	10	## Pick out the certificate tag.
	11	case $# in 0) fail_usage ;; esac
	12	tag=$1; shift
	13	case $# in 0) ;; *) fail_usage ;; esac
	14
	15	prepare_tmp $tag
	16
	17	## Get started.
08eee2f6 MW	18	cert=$home/cert/$tag
08eee2f6 MW	19	cd $cert
55799f78 MW	20	openssl req -in req -out $tmp/req.der -outform der
	21	sans=$(openssl req -in req -text -noout \|
	22	sed -n '
	23	x
	24	/^ *X509v3 Subject Alternative Name: $/ {
	25	x
	26	s/ *DNS://g
	27	s/,/ /g
	28	p
	29	x
	30	}')
	31	make_le_conf $sans
	32
08eee2f6 MW	33	cd $tmp
	34	$home/letsencrypt/letsencrypt-auto -c "$tmp/le.conf" --text \
	35	-a webroot --csr $tmp/req.der certonly
	36
	37	cd $cert
	38	cat $tmp/0001_chain.pem $home/le-root.cert >full-chain.new
	39	mv full-chain.new full-chain