-
Notifications
You must be signed in to change notification settings - Fork 59
Expand file tree
/
Copy pathrenew
More file actions
executable file
·24 lines (17 loc) · 858 Bytes
/
Copy pathrenew
File metadata and controls
executable file
·24 lines (17 loc) · 858 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
#!/usr/bin/env bash
set -e
cd /etc/nginx/ssl
echo >> certbot.log
date >> certbot.log
set +e
curve_count=$(openssl pkey -pubin -in /opt/boulder/labca/certs/webpki/issuer-01-pubkey.pem -text | grep -i curve | wc -l)
set -e
keytype=ecdsa
[ "$curve_count" == "0" ] && keytype=rsa || /bin/true
email=$(grep "\"email\":" /opt/labca/data/config.json | grep -v " {" | cut -d ":" -f 2 | sed -e "s/[\", ]*//g")
fqdn=$(grep "\"fqdn\":" /opt/labca/data/config.json | grep -v " {" | cut -d ":" -f 2 | sed -e "s/[\", ]*//g")
certbot certonly --agree-tos --config-dir $(pwd) -d $fqdn --email $email --key-type $keytype -n --server http://boulder:4001/directory --webroot --webroot-path /var/www/html >> certbot.log 2>&1 || exit 1
ln -sf live/$fqdn/fullchain.pem labca_cert.pem
ln -sf live/$fqdn/privkey.pem labca_key.pem
cd /opt/boulder
docker compose restart nginx