Commit | Line | Data |
---|---|---|
55799f78 MW |
1 | #! /bin/sh |
2 | set -e | |
93005620 | 3 | usage=" TAG" |
55799f78 MW |
4 | . "${0%/*}/../config.sh" |
5 | . "$home/lib/lib.sh" | |
6 | ||
7 | run_as_user "$@" | |
8 | ||
9 | ## Pick out the certificate tag. | |
10 | case $# in 0) fail_usage ;; esac | |
11 | tag=$1; shift | |
12 | case $# in 0) ;; *) fail_usage ;; esac | |
13 | ||
14 | prepare_tmp $tag | |
15 | ||
16 | ## Get started. | |
08eee2f6 MW |
17 | cert=$home/cert/$tag |
18 | cd $cert | |
55799f78 MW |
19 | openssl req -in req -out $tmp/req.der -outform der |
20 | sans=$(openssl req -in req -text -noout | | |
21 | sed -n ' | |
22 | x | |
23 | /^ *X509v3 Subject Alternative Name: $/ { | |
24 | x | |
25 | s/ *DNS://g | |
26 | s/,/ /g | |
27 | p | |
28 | x | |
29 | }') | |
30 | make_le_conf $sans | |
31 | ||
08eee2f6 MW |
32 | cd $tmp |
33 | $home/letsencrypt/letsencrypt-auto -c "$tmp/le.conf" --text \ | |
34 | -a webroot --csr $tmp/req.der certonly | |
35 | ||
36 | cd $cert | |
37 | cat $tmp/0001_chain.pem $home/le-root.cert >full-chain.new | |
38 | mv full-chain.new full-chain |