|
@ -849,6 +849,16 @@ _dbase64() { |
|
|
fi |
|
|
fi |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
#file |
|
|
|
|
|
_checkcert() { |
|
|
|
|
|
_cf="$1" |
|
|
|
|
|
if [ "$DEBUG" ]; then |
|
|
|
|
|
openssl x509 -noout -text -in "$_cf" |
|
|
|
|
|
else |
|
|
|
|
|
openssl x509 -noout -text -in "$_cf" >/dev/null 2>&1 |
|
|
|
|
|
fi |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
#Usage: hashalg [outputhex] |
|
|
#Usage: hashalg [outputhex] |
|
|
#Output Base64-encoded digest |
|
|
#Output Base64-encoded digest |
|
|
_digest() { |
|
|
_digest() { |
|
@ -4089,6 +4099,13 @@ $_authorizations_map" |
|
|
_debug "Le_LinkCert" "$Le_LinkCert" |
|
|
_debug "Le_LinkCert" "$Le_LinkCert" |
|
|
_savedomainconf "Le_LinkCert" "$Le_LinkCert" |
|
|
_savedomainconf "Le_LinkCert" "$Le_LinkCert" |
|
|
|
|
|
|
|
|
|
|
|
if [ -z "$Le_LinkCert" ] || ! _checkcert "$CERT_PATH"; then |
|
|
|
|
|
response="$(echo "$response" | _dbase64 "multiline" | _normalizeJson)" |
|
|
|
|
|
_err "Sign failed: $(echo "$response" | _egrep_o '"detail":"[^"]*"')" |
|
|
|
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
return 1 |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
if [ "$Le_LinkCert" ]; then |
|
|
if [ "$Le_LinkCert" ]; then |
|
|
_info "$(__green "Cert success.")" |
|
|
_info "$(__green "Cert success.")" |
|
|
cat "$CERT_PATH" |
|
|
cat "$CERT_PATH" |
|
@ -4099,28 +4116,18 @@ $_authorizations_map" |
|
|
_info "Your cert key is in $(__green " $CERT_KEY_PATH ")" |
|
|
_info "Your cert key is in $(__green " $CERT_KEY_PATH ")" |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
if [ "$ACME_VERSION" != "2" ]; then |
|
|
|
|
|
cp "$CERT_PATH" "$CERT_FULLCHAIN_PATH" |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
if [ ! "$USER_PATH" ] || [ ! "$IN_CRON" ]; then |
|
|
if [ ! "$USER_PATH" ] || [ ! "$IN_CRON" ]; then |
|
|
USER_PATH="$PATH" |
|
|
USER_PATH="$PATH" |
|
|
_saveaccountconf "USER_PATH" "$USER_PATH" |
|
|
_saveaccountconf "USER_PATH" "$USER_PATH" |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
if [ -z "$Le_LinkCert" ]; then |
|
|
|
|
|
response="$(echo "$response" | _dbase64 "multiline" | _normalizeJson)" |
|
|
|
|
|
_err "Sign failed: $(echo "$response" | _egrep_o '"detail":"[^"]*"')" |
|
|
|
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
return 1 |
|
|
|
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
_cleardomainconf "Le_Vlist" |
|
|
_cleardomainconf "Le_Vlist" |
|
|
|
|
|
|
|
|
if [ "$ACME_VERSION" = "2" ]; then |
|
|
if [ "$ACME_VERSION" = "2" ]; then |
|
|
_debug "v2 chain." |
|
|
_debug "v2 chain." |
|
|
else |
|
|
else |
|
|
|
|
|
cp "$CERT_PATH" "$CERT_FULLCHAIN_PATH" |
|
|
Le_LinkIssuer=$(grep -i '^Link' "$HTTP_HEADER" | _head_n 1 | cut -d " " -f 2 | cut -d ';' -f 1 | tr -d '<>') |
|
|
Le_LinkIssuer=$(grep -i '^Link' "$HTTP_HEADER" | _head_n 1 | cut -d " " -f 2 | cut -d ';' -f 1 | tr -d '<>') |
|
|
|
|
|
|
|
|
if [ "$Le_LinkIssuer" ]; then |
|
|
if [ "$Le_LinkIssuer" ]; then |
|
@ -4144,6 +4151,10 @@ $_authorizations_map" |
|
|
echo "$BEGIN_CERT" >"$CA_CERT_PATH" |
|
|
echo "$BEGIN_CERT" >"$CA_CERT_PATH" |
|
|
_base64 "multiline" <"$CA_CERT_PATH.der" >>"$CA_CERT_PATH" |
|
|
_base64 "multiline" <"$CA_CERT_PATH.der" >>"$CA_CERT_PATH" |
|
|
echo "$END_CERT" >>"$CA_CERT_PATH" |
|
|
echo "$END_CERT" >>"$CA_CERT_PATH" |
|
|
|
|
|
if !_checkcert "$CA_CERT_PATH"; then |
|
|
|
|
|
_err "Can not get the ca cert." |
|
|
|
|
|
break |
|
|
|
|
|
fi |
|
|
cat "$CA_CERT_PATH" >>"$CERT_FULLCHAIN_PATH" |
|
|
cat "$CA_CERT_PATH" >>"$CERT_FULLCHAIN_PATH" |
|
|
rm -f "$CA_CERT_PATH.der" |
|
|
rm -f "$CA_CERT_PATH.der" |
|
|
break |
|
|
break |
|
|