You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
#!/usr/bin/env sh
# Script for acme.sh to deploy certificates to a VMware UAG appliance## The following variables can be exported:## export DEPLOY_VMWAREUAG_USERNAME="admin"# export DEPLOY_VMWAREUAG_PASSWORD="" - required# export DEPLOY_VMWAREUAG_HOST="" - required (space seperated list) host:port# export DEPLOY_VMWAREUAG_HTTPS_INSECURE="1" - defaults to insecure##
######## Public functions #####################
#domain keyfile certfile cafile fullchainvmwareuag_deploy() { _cdomain="$1" _ckey="$2" _ccert="$3" _cca="$4" _cfullchain="$5"
# Some defaults DEPLOY_VMWAREUAG_USERNAME_DEFAULT="admin" DEPLOY_VMWAREUAG_HTTPS_INSECURE="1"
if [ -f "${DOMAIN_CONF}" ]; then # shellcheck disable=SC1090 . "${DOMAIN_CONF}" fi
_debug _cdomain "${_cdomain}" _debug _ckey "${_ckey}" _debug _ccert "${_ccert}" _debug _cca "${_cca}" _debug _cfullchain "${_cfullchain}"
# USERNAME is optional. If not provided then assume "${DEPLOY_VMWAREUAG_USERNAME_DEFAULT}" if [ -n "${DEPLOY_VMWAREUAG_USERNAME}" ]; then Le_Deploy_vmwareuag_username="${DEPLOY_VMWAREUAG_USERNAME}" _savedomainconf Le_Deploy_vmwareuag_username "${Le_Deploy_vmwareuag_username}" elif [ -z "${Le_Deploy_vmwareuag_username}" ]; then Le_Deploy_vmwareuag_username="${DEPLOY_VMWAREUAG_USERNAME_DEFAULT}" fi
# PASSWORD is required. if [ -n "${DEPLOY_VMWAREUAG_PASSWORD}" ]; then Le_Deploy_vmwareuag_password="${DEPLOY_VMWAREUAG_PASSWORD}" _savedomainconf Le_Deploy_vmwareuag_password "${Le_Deploy_vmwareuag_password}" elif [ -z "${Le_Deploy_vmwareuag_password}" ]; then _err "DEPLOY_VMWAREUAG_PASSWORD is required" return 1 fi
# HOST is required. if [ -n "${DEPLOY_VMWAREUAG_HOST}" ]; then Le_Deploy_vmwareuag_host="${DEPLOY_VMWAREUAG_HOST}" _savedomainconf Le_Deploy_vmwareuag_host "${Le_Deploy_vmwareuag_host}" elif [ -z "${Le_Deploy_vmwareuag_host}" ]; then _err "DEPLOY_VMWAREUAG_HOST is required" return 1 fi
# HTTPS_INSECURE is optional. If not provided then assume "${DEPLOY_VMWAREUAG_HTTPS_INSECURE_DEFAULT}" if [ -n "${DEPLOY_VMWAREUAG_HTTPS_INSECURE}" ]; then Le_Deploy_vmwareuag_https_insecure="${DEPLOY_VMWAREUAG_HTTPS_INSECURE}" _savedomainconf Le_Deploy_vmwareuag_https_insecure "${Le_Deploy_vmwareuag_https_insecure}" elif [ -z "${Le_Deploy_vmwareuag_https_insecure}" ]; then Le_Deploy_vmwareuag_https_insecure="${DEPLOY_VMWAREUAG_HTTPS_INSECURE}" fi
# Set variables for later use _user="${Le_Deploy_vmwareuag_username}:${Le_Deploy_vmwareuag_password}" _privatekeypem="$(awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' <"${_ckey}")" _certchainpem="$(awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' <"${_cfullchain}")" _path="/rest/v1/config/certs/ssl/end_user"
_debug _user "${_user}" _debug _privatekeypem "${_privatekeypem}" _debug _certchainpem "${_certchainpem}" _debug _path "${_path}"
# Create JSON request _jsonreq="$(printf '{ "privateKeyPem": "%s", "certChainPem": "%s" }' "${_privatekeypem}" "${_certchainpem}")" _debug JSON "${_jsonreq}"
# dont verify certs if config set _old_HTTPS_INSECURE="${HTTPS_INSECURE}" if [ "${Le_Deploy_vmwareuag_https_insecure}" = "1" ]; then HTTPS_INSECURE="1" fi
# do post against UAG host(s) for _host in ${Le_Deploy_vmwareuag_host}; do _url="https://${_host}${_path}" _debug _url "${_url}" _post "${_jsonreq}" "${_url}" "" "PUT" "application/json" done
# reset HTTP_INSECURE HTTPS_INSECURE="${_old_HTTPS_INSECURE}"
return 0}
|
