#!/bin/sh # Open Infrastructure: service-tools # Copyright (C) 2014-2022 Daniel Baumann # # SPDX-License-Identifier: GPL-3.0+ # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . set -e echo " + Creating extra certificate files:" DIRECTORY="$(dirname "${CERTFILE}")" echo -n " + root and intermediate CA:" TMPFILE="$(mktemp -p "${DIRECTORY}" -u ca.XXXXXXXXXX)" grep -Ev '^$' "${CHAINFILE}" | csplit -f "${TMPFILE}" -s -z - '/-----BEGIN CERTIFICATE-----/' '{*}' mv "${TMPFILE}00" "${DIRECTORY}/ca-intermediate-${TIMESTAMP}.pem" ln -sf "${DIRECTORY}/ca-intermediate-${TIMESTAMP}.pem" "${DIRECTORY}/ca-intermediate.pem" mv "${TMPFILE}01" "${DIRECTORY}/ca-root-${TIMESTAMP}.pem" ln -sf "${DIRECTORY}/ca-root-${TIMESTAMP}.pem" "${DIRECTORY}/ca-root.pem" echo " done." for EXTRA in fullchain-privkey privkey-fullchain do echo -n " + creating ${EXTRA1}-${EXTRA2}:" EXTRA1="$(echo ${EXTRA} | awk -F- '{ print $1 }')" EXTRA2="$(echo ${EXTRA} | awk -F- '{ print $2 }')" cat "${DIRECTORY}/${EXTRA1}-${TIMESTAMP}.pem" "${DIRECTORY}/${EXTRA2}-${TIMESTAMP}.pem" > "${DIRECTORY}/${EXTRA1}-${EXTRA2}-${TIMESTAMP}.pem" ln -sf "${EXTRA1}-${EXTRA2}-${TIMESTAMP}.pem" "${DIRECTORY}/cert.${EXTRA1}-${EXTRA2}.pem" echo " done." done