diff options
author | Daniel Baumann <daniel.baumann@open-infrastructure.net> | 2022-10-28 11:28:17 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@open-infrastructure.net> | 2022-10-28 12:58:19 +0000 |
commit | 3a3a3496b633bdc7603f147eaa388f6effea2f14 (patch) | |
tree | f6b6700311aaaef0dc5f842b5b112abb5257dfc1 | |
parent | Using variable for service-tools in makefile. (diff) | |
download | service-tools-3a3a3496b633bdc7603f147eaa388f6effea2f14.tar.xz service-tools-3a3a3496b633bdc7603f147eaa388f6effea2f14.zip |
Providing individual root and intermediate certificate files in dehydrated extra hook.
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
-rwxr-xr-x | dehydrated/share/hooks/deploy_cert.extra | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/dehydrated/share/hooks/deploy_cert.extra b/dehydrated/share/hooks/deploy_cert.extra index ec61676..efca7b0 100755 --- a/dehydrated/share/hooks/deploy_cert.extra +++ b/dehydrated/share/hooks/deploy_cert.extra @@ -21,17 +21,32 @@ set -e -echo " + Creating extra certificate files..." +echo " + Creating extra certificate files:" DIRECTORY="$(dirname "${CERTFILE}")" +echo -n " + root and intermediate CA:" + +TMPFILE="$(mktemp -p "${DIRECTORY}" -u ca.XXXXXXXXXX)" +grep -Ev '^$' "${CHAINFILE}" | csplit -f "${TMPFILE}" -s -z - '/-----BEGIN CERTIFICATE-----/' '{*}' + +mv "${TMPFILE}00" "${DIRECTORY}/ca-intermediate-${TIMESTAMP}.pem" +ln -s "${DIRECTORY}/ca-intermediate-${TIMESTAMP}.pem" "${DIRECTORY}/ca-intermediate.pem" + +mv "${TMPFILE}01" "${DIRECTORY}/ca-root-${TIMESTAMP}.pem" +ln -s "${DIRECTORY}/ca-root-${TIMESTAMP}.pem" "${DIRECTORY}/ca-root.pem" + +echo " done." + for EXTRA in fullchain-privkey privkey-fullchain do + echo -n " + creating ${EXTRA1}-${EXTRA2}:" + EXTRA1="$(echo ${EXTRA} | awk -F- '{ print $1 }')" EXTRA2="$(echo ${EXTRA} | awk -F- '{ print $2 }')" cat "${EXTRA1}-${TIMESTAMP}.pem" "${EXTRA2}-${TIMESTAMP}.pem" > "${DIRECTORY}/${EXTRA1}-${EXTRA2}-${TIMESTAMP}.pem" ln -sf "${EXTRA1}-${EXTRA2}-${TIMESTAMP}.pem" "${DIRECTORY}/cert.${EXTRA1}-${EXTRA2}.pem" -done -echo " done." + echo " done." +done |