|
@ -1883,7 +1883,7 @@ issue() { |
|
|
vtype="$VTYPE_TLS" |
|
|
vtype="$VTYPE_TLS" |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
_info "Getting token for domain" $d |
|
|
|
|
|
|
|
|
_info "Getting new-authz for domain" $d |
|
|
|
|
|
|
|
|
if ! _send_signed_request "$API/acme/new-authz" "{\"resource\": \"new-authz\", \"identifier\": {\"type\": \"dns\", \"value\": \"$d\"}}" ; then |
|
|
if ! _send_signed_request "$API/acme/new-authz" "{\"resource\": \"new-authz\", \"identifier\": {\"type\": \"dns\", \"value\": \"$d\"}}" ; then |
|
|
_err "Can not get domain token." |
|
|
_err "Can not get domain token." |
|
@ -2720,6 +2720,82 @@ revoke() { |
|
|
return 1 |
|
|
return 1 |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#domain vtype |
|
|
|
|
|
_deactivate() { |
|
|
|
|
|
_d_domain="$1" |
|
|
|
|
|
_d_type="$2" |
|
|
|
|
|
_initpath |
|
|
|
|
|
|
|
|
|
|
|
_d_i=0 |
|
|
|
|
|
_d_max_retry=9 |
|
|
|
|
|
while [ "$_d_i" -lt "$_d_max_retry" ] ; |
|
|
|
|
|
do |
|
|
|
|
|
_d_i="$(_math $_d_i + 1)" |
|
|
|
|
|
if ! _send_signed_request "$API/acme/new-authz" "{\"resource\": \"new-authz\", \"identifier\": {\"type\": \"dns\", \"value\": \"$_d_domain\"}}" ; then |
|
|
|
|
|
_err "Can not get domain token." |
|
|
|
|
|
return 1 |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
authzUri="$(echo "$responseHeaders" | grep "^Location:" | cut -d ' ' -f 2)" |
|
|
|
|
|
_info "authzUri" "$authzUri" |
|
|
|
|
|
|
|
|
|
|
|
if [ ! -z "$code" ] && [ ! "$code" = '201' ] ; then |
|
|
|
|
|
_err "new-authz error: $response" |
|
|
|
|
|
return 1 |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
entry="$(printf "%s\n" "$response" | _egrep_o '[^{]*"status":"valid","uri"[^}]*')" |
|
|
|
|
|
_debug entry "$entry" |
|
|
|
|
|
|
|
|
|
|
|
if [ -z "$entry" ] ; then |
|
|
|
|
|
_info "No valid entry found." |
|
|
|
|
|
break |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
_vtype="$(printf "%s\n" "$entry" | _egrep_o '"type": *"[^"]*"' | cut -d : -f 2 | tr -d '"')" |
|
|
|
|
|
_debug _vtype $_vtype |
|
|
|
|
|
_info "Found $_vtype" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
uri="$(printf "%s\n" "$entry" | _egrep_o '"uri":"[^"]*'| cut -d : -f 2,3 | tr -d '"' )" |
|
|
|
|
|
_debug uri $uri |
|
|
|
|
|
|
|
|
|
|
|
if [ "$_d_type" ] && [ "$_d_type" != "$_vtype" ] ; then |
|
|
|
|
|
_info "Skip $_vtype" |
|
|
|
|
|
continue |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
_info "Deactivate: $_vtype" |
|
|
|
|
|
|
|
|
|
|
|
if ! _send_signed_request "$authzUri" "{\"resource\": \"authz\", \"status\":\"deactivated\"}" ; then |
|
|
|
|
|
_err "Can not deactivate $_vtype." |
|
|
|
|
|
return 1 |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
done |
|
|
|
|
|
_debug "$_d_i" |
|
|
|
|
|
if [ "$_d_i" -lt "$_d_max_retry" ] ; then |
|
|
|
|
|
_info "Deactivated success!" |
|
|
|
|
|
else |
|
|
|
|
|
_err "Deactivate failed." |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
deactivate() { |
|
|
|
|
|
_d_domain="$1" |
|
|
|
|
|
_d_type="$2" |
|
|
|
|
|
_initpath |
|
|
|
|
|
|
|
|
|
|
|
if [ -z "$_d_domain" ] ; then |
|
|
|
|
|
_usage "Usage: $PROJECT_ENTRY --deactivate -d domain.com" |
|
|
|
|
|
return 1 |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
_deactivate "$_d_domain" $_d_type |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
# Detect profile file if not specified as environment variable |
|
|
# Detect profile file if not specified as environment variable |
|
|
_detect_profile() { |
|
|
_detect_profile() { |
|
|
if [ -n "$PROFILE" -a -f "$PROFILE" ] ; then |
|
|
if [ -n "$PROFILE" -a -f "$PROFILE" ] ; then |
|
@ -3093,6 +3169,7 @@ Commands: |
|
|
--createAccountKey, -cak Create an account private key, professional use. |
|
|
--createAccountKey, -cak Create an account private key, professional use. |
|
|
--createDomainKey, -cdk Create an domain private key, professional use. |
|
|
--createDomainKey, -cdk Create an domain private key, professional use. |
|
|
--createCSR, -ccsr Create CSR , professional use. |
|
|
--createCSR, -ccsr Create CSR , professional use. |
|
|
|
|
|
--deactivate Deactivate the domain authz, professional use. |
|
|
|
|
|
|
|
|
Parameters: |
|
|
Parameters: |
|
|
--domain, -d domain.tld Specifies a domain, used to issue, renew or revoke etc. |
|
|
--domain, -d domain.tld Specifies a domain, used to issue, renew or revoke etc. |
|
@ -3303,7 +3380,9 @@ _process() { |
|
|
--createCSR|--createcsr|-ccr) |
|
|
--createCSR|--createcsr|-ccr) |
|
|
_CMD="createCSR" |
|
|
_CMD="createCSR" |
|
|
;; |
|
|
;; |
|
|
|
|
|
|
|
|
|
|
|
--deactivate) |
|
|
|
|
|
_CMD="deactivate" |
|
|
|
|
|
;; |
|
|
|
|
|
|
|
|
--domain|-d) |
|
|
--domain|-d) |
|
|
_dvalue="$2" |
|
|
_dvalue="$2" |
|
@ -3575,6 +3654,9 @@ _process() { |
|
|
revoke) |
|
|
revoke) |
|
|
revoke "$_domain" "$_ecc" |
|
|
revoke "$_domain" "$_ecc" |
|
|
;; |
|
|
;; |
|
|
|
|
|
deactivate) |
|
|
|
|
|
deactivate "$_domain" |
|
|
|
|
|
;; |
|
|
list) |
|
|
list) |
|
|
list "$_listraw" |
|
|
list "$_listraw" |
|
|
;; |
|
|
;; |
|
|