#! /bin/sh
set -e
usage=" TAG"
-. "${0%/*}/../config.sh"
+prog=$(readlink -e "$0")
+. "${prog%/*}/../config.sh"
. "$home/lib/lib.sh"
run_as_user "$@"
prepare_tmp $tag
-## Get started.
-cd $home/cert/$tag
-openssl req -in req -out $tmp/req.der -outform der
-sans=$(openssl req -in req -text -noout |
- sed -n '
- x
- /^ *X509v3 Subject Alternative Name: $/ {
- x
- s/ *DNS://g
- s/,/ /g
- p
- x
- }')
-make_le_conf $sans
+## Make sure there's no proxy. I get `urn:acme:error:badNonce' with high
+## probability if I use IPv6, so avoid rolling the dice.
+unset http_proxy
-cat "$tmp/le.conf"
+## Let's go.
+cert=$home/cert/$tag
+cd $cert
+dehydrated -f $HOME/dehydrated-config.sh -fc -s req >full-chain.new
+mv full-chain.new full-chain