| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 |
- #!/bin/bash
- # script convert end make ssl sert for https
- # info -
- #
- path_certbot="/etc/letsencrypt/live";
- path_ssl="/etc/ssl/private";
- source certbot.conf;
- logfile="/var/log/syslog";
- #
- cmd=$1;
- #
- function makesslkey() {
- :>/etc/ssl/crt-list.txt
- for ((dmn=0; dmn != ${#domains[@]}; dmn++))
- do
- cat $path_certbot/${domains[$dmn]}/cert.pem > $path_ssl/${domains[$dmn]}.pem;
- cat $path_certbot/${domains[$dmn]}/chain.pem >> $path_ssl/${domains[$dmn]}.pem;
- cat $path_certbot/${domains[$dmn]}/fullchain.pem >> $path_ssl/${domains[$dmn]}.pem;
- cat $path_certbot/${domains[$dmn]}/privkey.pem >> $path_ssl/${domains[$dmn]}.pem;
- done
- for ((icrt=0; icrt != ${#domains[@]}; icrt++))
- do
- echo "$path_ssl/${domains[$icrt]}.pem">>/etc/ssl/crt-list.txt
- done
- }
- function renew() {
- /etc/init.d/haproxy stop;
- certbot renew;
- /etc/init.d/haproxy start;
- }
- function createCert() {
- certbot register --agree-tos -m $adminmail;
- /etc/init.d/haproxy stop;
- for ((dmn=0; dmn != ${#domains[@]}; dmn++))
- do
- certbot certonly --preferred-challenges http --standalone -d ${domains[$dmn]};
- done
- makesslkey;
- /etc/init.d/haproxy start;
- }
- case "$cmd" in
- ## create cert
- "--create" | "--create" )
- createCert;
- ;;
- ## create cert keys
- "--keylist" | "--keylist" )
- makesslkey;
- ;;
- ## update cert
- "--update" | "--update" )
- renew;
- ;;
- ## start defaults
- * )
- echo "please input pameters: autocertbot.sh --create | --update | --keylist";
- echo "autocertbot.sh --create; create new certificate"
- echo "autocertbot.sh --update; update certificates;"
- echo "autocertbot.sh --keylist; create ssl keylist;"
- ;;
- esac
|
