Convert between pem and crt if letsencrypt fails
This commit is contained in:
parent
1d5edecce3
commit
0b8fc22d70
|
@ -156,26 +156,33 @@ function check_certificates {
|
|||
USE_LETSENCRYPT=$2
|
||||
fi
|
||||
if [[ $USE_LETSENCRYPT == 'no' ]]; then
|
||||
if [ ! -f /etc/ssl/private/$1.key ]; then
|
||||
echo $"Private certificate for $CHECK_HOSTNAME was not created"
|
||||
if [ ! -f /etc/ssl/private/${1}.key ]; then
|
||||
echo $"Private certificate for ${CHECK_HOSTNAME} was not created"
|
||||
exit 63959
|
||||
fi
|
||||
if [ ! -f /etc/ssl/certs/$1.crt ]; then
|
||||
echo $"Public certificate for $CHECK_HOSTNAME was not created"
|
||||
if [ ! -f /etc/ssl/certs/${1}.crt ]; then
|
||||
echo $"Public certificate for ${CHECK_HOSTNAME} was not created"
|
||||
exit 7679
|
||||
fi
|
||||
|
||||
if grep -q "${1}.pem" /etc/nginx/sites-available/${1}; then
|
||||
sed -i "s|${1}.pem|${1}.crt|g" /etc/nginx/sites-available/${1}
|
||||
fi
|
||||
else
|
||||
if [ ! -f /etc/letsencrypt/live/${1}/privkey.pem ]; then
|
||||
echo $"Private certificate for $CHECK_HOSTNAME was not created"
|
||||
echo $"Private certificate for ${CHECK_HOSTNAME} was not created"
|
||||
exit 6282
|
||||
fi
|
||||
if [ ! -f /etc/letsencrypt/live/${1}/fullchain.pem ]; then
|
||||
echo $"Public certificate for $CHECK_HOSTNAME was not created"
|
||||
echo $"Public certificate for ${CHECK_HOSTNAME} was not created"
|
||||
exit 5328
|
||||
fi
|
||||
if grep -q "${1}.crt" /etc/nginx/sites-available/${1}; then
|
||||
sed -i "s|${1}.crt|${1}.pem|g" /etc/nginx/sites-available/${1}
|
||||
fi
|
||||
if [ ! -f /etc/ssl/certs/$1.dhparam ]; then
|
||||
echo $"Diffie–Hellman parameters for $CHECK_HOSTNAME were not created"
|
||||
fi
|
||||
if [ ! -f /etc/ssl/certs/${1}.dhparam ]; then
|
||||
echo $"Diffie–Hellman parameters for ${CHECK_HOSTNAME} were not created"
|
||||
exit 5989
|
||||
fi
|
||||
}
|
||||
|
@ -190,26 +197,26 @@ function create_site_certificate {
|
|||
fi
|
||||
|
||||
if [[ $ONION_ONLY == "no" ]]; then
|
||||
if [ ! -f /etc/ssl/certs/$SITE_DOMAIN_NAME.dhparam ]; then
|
||||
if [ ! -f /etc/ssl/certs/${SITE_DOMAIN_NAME}.dhparam ]; then
|
||||
if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
|
||||
${PROJECT_NAME}-addcert -h $SITE_DOMAIN_NAME --dhkey $DH_KEYLENGTH
|
||||
${PROJECT_NAME}-addcert -h ${SITE_DOMAIN_NAME} --dhkey ${DH_KEYLENGTH}
|
||||
function_check check_certificates
|
||||
check_certificates $SITE_DOMAIN_NAME
|
||||
check_certificates ${SITE_DOMAIN_NAME}
|
||||
else
|
||||
${PROJECT_NAME}-addcert -e $SITE_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
|
||||
${PROJECT_NAME}-addcert -e ${SITE_DOMAIN_NAME} -s ${LETSENCRYPT_SERVER} --dhkey ${DH_KEYLENGTH} --email ${MY_EMAIL_ADDRESS}
|
||||
if [ ! "$?" = "0" ]; then
|
||||
if [[ $NO_SELF_SIGNED == 'no' ]]; then
|
||||
echo $"Lets Encrypt failed for $SITE_DOMAIN_NAME, so try making a self-signed cert"
|
||||
${PROJECT_NAME}-addcert -h $SITE_DOMAIN_NAME --dhkey $DH_KEYLENGTH
|
||||
if [[ ${NO_SELF_SIGNED} == 'no' ]]; then
|
||||
echo $"Lets Encrypt failed for ${SITE_DOMAIN_NAME}, so try making a self-signed cert"
|
||||
${PROJECT_NAME}-addcert -h ${SITE_DOMAIN_NAME} --dhkey ${DH_KEYLENGTH}
|
||||
function_check check_certificates
|
||||
check_certificates $SITE_DOMAIN_NAME
|
||||
check_certificates ${SITE_DOMAIN_NAME}
|
||||
else
|
||||
echo $"Lets Encrypt failed for $SITE_DOMAIN_NAME"
|
||||
exit 682529
|
||||
fi
|
||||
else
|
||||
function_check check_certificates
|
||||
check_certificates $SITE_DOMAIN_NAME 'yes'
|
||||
check_certificates ${SITE_DOMAIN_NAME} 'yes'
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
|
Loading…
Reference in New Issue