--- /dev/null
+#! /bin/sh
+set -e
+usage=""
+. "${0%/*}/../config.sh"
+. "$home/lib/lib.sh"
+
+run_as_user "$@"
+
+case $# in 0) ;; *) fail_usage ;; esac
+
+myrc=0
+for tagdir in $home/cert/*; do
+ tag=${tagdir##*/} cert=$tagdir/full-chain
+ if openssl x509 -in "$cert" -noout -checkend $certlife; then continue; fi
+ set +e; $home/bin/make-cert "$tag"; rc=$?; set -e
+ case $? in 0) ;; *) myrc=$rc ;; esac
+done
+exit $myrc