From 3a3a3496b633bdc7603f147eaa388f6effea2f14 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 28 Oct 2022 13:28:17 +0200 Subject: Providing individual root and intermediate certificate files in dehydrated extra hook. Signed-off-by: Daniel Baumann --- dehydrated/share/hooks/deploy_cert.extra | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/dehydrated/share/hooks/deploy_cert.extra b/dehydrated/share/hooks/deploy_cert.extra index ec61676..efca7b0 100755 --- a/dehydrated/share/hooks/deploy_cert.extra +++ b/dehydrated/share/hooks/deploy_cert.extra @@ -21,17 +21,32 @@ set -e -echo " + Creating extra certificate files..." +echo " + Creating extra certificate files:" DIRECTORY="$(dirname "${CERTFILE}")" +echo -n " + root and intermediate CA:" + +TMPFILE="$(mktemp -p "${DIRECTORY}" -u ca.XXXXXXXXXX)" +grep -Ev '^$' "${CHAINFILE}" | csplit -f "${TMPFILE}" -s -z - '/-----BEGIN CERTIFICATE-----/' '{*}' + +mv "${TMPFILE}00" "${DIRECTORY}/ca-intermediate-${TIMESTAMP}.pem" +ln -s "${DIRECTORY}/ca-intermediate-${TIMESTAMP}.pem" "${DIRECTORY}/ca-intermediate.pem" + +mv "${TMPFILE}01" "${DIRECTORY}/ca-root-${TIMESTAMP}.pem" +ln -s "${DIRECTORY}/ca-root-${TIMESTAMP}.pem" "${DIRECTORY}/ca-root.pem" + +echo " done." + for EXTRA in fullchain-privkey privkey-fullchain do + echo -n " + creating ${EXTRA1}-${EXTRA2}:" + EXTRA1="$(echo ${EXTRA} | awk -F- '{ print $1 }')" EXTRA2="$(echo ${EXTRA} | awk -F- '{ print $2 }')" cat "${EXTRA1}-${TIMESTAMP}.pem" "${EXTRA2}-${TIMESTAMP}.pem" > "${DIRECTORY}/${EXTRA1}-${EXTRA2}-${TIMESTAMP}.pem" ln -sf "${EXTRA1}-${EXTRA2}-${TIMESTAMP}.pem" "${DIRECTORY}/cert.${EXTRA1}-${EXTRA2}.pem" -done -echo " done." + echo " done." +done -- cgit v1.2.3