Skip to content

Commit d4df6ad

Browse files
author
neil
committed
add ca cert
1 parent cd3cdb5 commit d4df6ad

File tree

1 file changed

+15
-21
lines changed

1 file changed

+15
-21
lines changed

le.sh

Lines changed: 15 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -3,22 +3,11 @@
33

44
WORKING_DIR=~/.le
55

6-
ACCOUNT_KEY_PATH=$WORKING_DIR/account.acc
7-
8-
CERT_KEY_PATH=$WORKING_DIR/domain.key
9-
10-
CSR_PATH=$WORKING_DIR/domain.csr
11-
12-
CERT_PATH=$WORKING_DIR/domain.cer
13-
14-
DOMAIN_CONF=$WORKING_DIR/domain.conf
15-
166
CURL_HEADER=""
17-
187
HEADER=""
198
HEADERPLACE=""
20-
219
ACCOUNT_EMAIL=""
10+
2211
DEFAULT_CA="https://acme-v01.api.letsencrypt.org"
2312

2413
API=$DEFAULT_CA
@@ -58,7 +47,7 @@ createAccountKey() {
5847
echo Use default length 2048
5948
length=2048
6049
fi
61-
50+
_initpath
6251
mkdir -p $WORKING_DIR
6352
ACCOUNT_KEY_PATH=$WORKING_DIR/account.acc
6453

@@ -85,7 +74,7 @@ createDomainKey() {
8574
echo Use default length 2048
8675
length=2048
8776
fi
88-
77+
_initpath $domain
8978
mkdir -p $WORKING_DIR/$domain
9079
CERT_KEY_PATH=$WORKING_DIR/$domain/$domain.key
9180

@@ -185,10 +174,10 @@ _send_signed_request() {
185174
_get() {
186175
url="$1"
187176
_debug url $url
188-
response=$(curl --silent $url)
177+
response="$(curl --silent $url)"
189178
ret=$?
190179
_debug response "$response"
191-
code=$(echo $response | grep -o '"status":[0-9]\+' | cut -d : -f 2)
180+
code="$(echo $response | grep -o '"status":[0-9]\+' | cut -d : -f 2)"
192181
_debug code $code
193182
return $ret
194183
}
@@ -229,13 +218,13 @@ _initpath() {
229218

230219
mkdir -p $WORKING_DIR/$domain
231220

232-
233221
CSR_PATH=$WORKING_DIR/$domain/$domain.csr
234222

235223
CERT_KEY_PATH=$WORKING_DIR/$domain/$domain.key
236224

237225
CERT_PATH=$WORKING_DIR/$domain/$domain.cer
238-
226+
227+
CA_CERT_PATH=$WORKING_DIR/$domain/ca.cer
239228
}
240229

241230
#issue webroot a.com [www.a.com,b.com,c.com] [key-length] [cert-file-path] [key-file-path] [reloadCmd]
@@ -423,7 +412,14 @@ issue() {
423412
Le_LinkIssuer=$(grep -i '^Link' $CURL_HEADER | cut -d " " -f 2| cut -d ';' -f 1 | sed 's/<//g' | sed 's/>//g')
424413
_setopt $DOMAIN_CONF "Le_LinkIssuer" "=" "$Le_LinkIssuer"
425414

426-
415+
if [ "$Le_LinkIssuer" ] ; then
416+
_get "$Le_LinkIssuer"
417+
echo -----BEGIN CERTIFICATE----- > $CA_CERT_PATH
418+
echo $response | base64 | sed "s/ /\n/g" >> $CA_CERT_PATH
419+
echo -----END CERTIFICATE----- >> $CA_CERT_PATH
420+
_info "The intermediate CA cert is in $CA_CERT_PATH"
421+
fi
422+
427423
Le_CertCreateTime=$(date -u "+%s")
428424
_setopt $DOMAIN_CONF "Le_CertCreateTime" "=" "$Le_CertCreateTime"
429425

@@ -468,8 +464,6 @@ issue() {
468464

469465
}
470466

471-
472-
473467
renew() {
474468
Le_Domain="$1"
475469
if [ -z "$Le_Domain" ] ; then

0 commit comments

Comments
 (0)