bin/reissue: New script to reissue certificates before they expire.
authorMark Wooding <mdw@distorted.org.uk>
Tue, 23 Feb 2016 09:57:01 +0000 (09:57 +0000)
committerMark Wooding <mdw@distorted.org.uk>
Tue, 23 Feb 2016 10:00:17 +0000 (10:00 +0000)
bin/reissue [new file with mode: 0755]
config.sh

diff --git a/bin/reissue b/bin/reissue
new file mode 100755 (executable)
index 0000000..32301ef
--- /dev/null
@@ -0,0 +1,18 @@
+#! /bin/sh
+set -e
+usage=""
+. "${0%/*}/../config.sh"
+. "$home/lib/lib.sh"
+
+run_as_user "$@"
+
+case $# in 0) ;; *) fail_usage ;; esac
+
+myrc=0
+for tagdir in $home/cert/*; do
+  tag=${tagdir##*/} cert=$tagdir/full-chain
+  if openssl x509 -in "$cert" -noout -checkend $certlife; then continue; fi
+  set +e; $home/bin/make-cert "$tag"; rc=$?; set -e
+  case $? in 0) ;; *) myrc=$rc ;; esac
+done
+exit $myrc
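Review bot: The `case $? in` after the make-cert call tests the status of the preceding `set -e`, which is always 0, so `myrc` is never updated and the script exits 0 even when a reissue fails. Whatever runs this script (presumably cron or monitoring) would then see no sign that a certificate is about to lapse. Test the saved value instead: `case $rc in 0) ;; *) myrc=$rc ;; esac`. Separately, `openssl x509 -checkend` also returns non-zero when the file cannot be read, so an empty `$home/cert` (where the glob stays a literal `*`) or a directory without `full-chain` falls through to `make-cert`. If that is not intended, a guard such as `[ -f "$cert" ] || continue` before the check would make it explicit. Quoting `"$home"` in the `for` line and in the `make-cert` path would also keep the loop correct if the home directory ever contains whitespace.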
index ab184af..d574050 100644 (file)
--- a/config.sh
+++ b/config.sh
@@ -1,3 +1,4 @@
 ### -*-sh-*-
 user=letsencrypt
 home=$(getent passwd $user | cut -d: -f6)
+certlife=$(( 28*86400 ))
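Review bot: The name `certlife` reads as the certificate's total lifetime, but in bin/reissue it is passed to `openssl x509 -checkend`, so it is the remaining-validity threshold, in seconds, below which a certificate is reissued. A comment above the assignment would prevent someone from later "correcting" it to the issuer's validity period, for example `### Reissue a certificate once it has fewer than this many seconds left.`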