@ -36,8 +36,8 @@ DEFAULT_CA=$CA_LETSENCRYPT_V2
DEFAULT_STAGING_CA = $CA_LETSENCRYPT_V2_TEST
CA_NAMES = "
Letse ncrypt.org,letsencrypt
Letse ncrypt.org_test,letsencrypt_test,letsencrypttest
LetsE ncrypt.org,letsencrypt
LetsE ncrypt.org_test,letsencrypt_test,letsencrypttest
BuyPass.com,buypass
BuyPass.com_test,buypass_test,buypasstest
ZeroSSL.com,zerossl
@ -1375,7 +1375,7 @@ toPkcs() {
domain = " $1 "
pfxPassword = " $2 "
if [ -z " $domain " ] ; then
_usage " Usage: $PROJECT_ENTRY --toPkcs -d domain [--password pfx-password ] "
_usage " Usage: $PROJECT_ENTRY --to-pkcs12 --domain <domain.tld> [--password <password>] [--ecc ] "
return 1
fi
@ -1396,7 +1396,7 @@ toPkcs8() {
domain = " $1 "
if [ -z " $domain " ] ; then
_usage " Usage: $PROJECT_ENTRY --toPkcs8 -d domain [--ecc] "
_usage " Usage: $PROJECT_ENTRY --to-pkcs8 --domain <domain.tld> [--ecc] "
return 1
fi
@ -1416,7 +1416,7 @@ toPkcs8() {
createAccountKey( ) {
_info "Creating account key"
if [ -z " $1 " ] ; then
_usage " Usage: $PROJECT_ENTRY --createAccountKey --accountkeylength 2048 "
_usage " Usage: $PROJECT_ENTRY --create-account-key [--accountkeylength <bits>] "
return
fi
@ -1459,7 +1459,7 @@ _create_account_key() {
createDomainKey( ) {
_info "Creating domain key"
if [ -z " $1 " ] ; then
_usage " Usage: $PROJECT_ENTRY --createDomainKey -d domain.com [ --keylength 2048 ] "
_usage " Usage: $PROJECT_ENTRY --create-domain-key --domain <domain.tld> [--keylength <bits> ] "
return
fi
@ -1499,7 +1499,7 @@ createDomainKey() {
createCSR( ) {
_info "Creating csr"
if [ -z " $1 " ] ; then
_usage " Usage: $PROJECT_ENTRY --createCSR -d domain1.com [-d domain2.com -d domain3.com ... ] "
_usage " Usage: $PROJECT_ENTRY --create-csr --domain <domain.tld> [--domain <domain2.tld> ... ] "
return
fi
@ -2888,7 +2888,7 @@ Allow from all
if _restoreApache; then
_err "The apache config file is restored."
else
_err "Sorry, T he apache config file can not be restored, please report bug."
_err "Sorry, t he apache config file can not be restored, please report bug."
fi
return 1
fi
@ -4012,7 +4012,7 @@ _match_issuer() {
#webroot, domain domainlist keylength
issue( ) {
if [ -z " $2 " ] ; then
_usage " Usage: $PROJECT_ENTRY --issue -d a.com -w /path/to/webroot/a.com/ "
_usage " Usage: $PROJECT_ENTRY --issue --domain <domain.tld> --webroot <directory> "
return 1
fi
if [ -z " $1 " ] ; then
@ -4993,7 +4993,7 @@ _split_cert_chain() {
renew( ) {
Le_Domain = " $1 "
if [ -z " $Le_Domain " ] ; then
_usage " Usage: $PROJECT_ENTRY --renew -d domain.com [--ecc] "
_usage " Usage: $PROJECT_ENTRY --renew --domain <domain.tld> [--ecc] "
return 1
fi
@ -5003,7 +5003,7 @@ renew() {
_info " $( __green " Renew: ' $Le_Domain ' " ) "
if [ ! -f " $DOMAIN_CONF " ] ; then
_info " ' $Le_Domain ' is not a issued domain, skip. "
_info " ' $Le_Domain ' is not an issued domain, skip. "
return $RENEW_SKIP
fi
@ -5049,6 +5049,7 @@ renew() {
Le_PreHook = " $( _readdomainconf Le_PreHook) "
Le_PostHook = " $( _readdomainconf Le_PostHook) "
Le_RenewHook = " $( _readdomainconf Le_RenewHook) "
Le_Preferred_Chain = " $( _readdomainconf Le_Preferred_Chain) "
issue " $Le_Webroot " " $Le_Domain " " $Le_Alt " " $Le_Keylength " " $Le_RealCertPath " " $Le_RealKeyPath " " $Le_RealCACertPath " " $Le_ReloadCmd " " $Le_RealFullChainPath " " $Le_PreHook " " $Le_PostHook " " $Le_RenewHook " " $Le_LocalAddress " " $Le_ChallengeAlias " " $Le_Preferred_Chain "
res = " $? "
if [ " $res " != "0" ] ; then
@ -5081,7 +5082,7 @@ renewAll() {
for di in " ${ CERT_HOME } " /*.*/; do
_debug di " $di "
if ! [ -d " $di " ] ; then
_debug " Not directory, skip: $di "
_debug " Not a directory, skip: $di "
continue
fi
d = $( basename " $di " )
@ -5184,7 +5185,7 @@ signcsr() {
_csrfile = " $1 "
_csrW = " $2 "
if [ -z " $_csrfile " ] || [ -z " $_csrW " ] ; then
_usage " Usage: $PROJECT_ENTRY --signcsr --csr mycsr.csr -w /path/to/webroot/a.com/ "
_usage " Usage: $PROJECT_ENTRY --sign-csr --csr <csr-file> --webroot <directory> "
return 1
fi
@ -5252,7 +5253,7 @@ showcsr() {
_csrfile = " $1 "
_csrd = " $2 "
if [ -z " $_csrfile " ] && [ -z " $_csrd " ] ; then
_usage " Usage: $PROJECT_ENTRY --showcsr --csr mycsr.csr "
_usage " Usage: $PROJECT_ENTRY --show-csr --csr <csr-file> "
return 1
fi
@ -5369,7 +5370,7 @@ deploy() {
_hooks = " $2 "
_isEcc = " $3 "
if [ -z " $_hooks " ] ; then
_usage " Usage: $PROJECT_ENTRY --deploy -d domain.com --deploy-hook cpanel [--ecc] "
_usage " Usage: $PROJECT_ENTRY --deploy --domain <domain.tld> --deploy-hook <hookname> [--ecc] "
return 1
fi
@ -5390,7 +5391,7 @@ deploy() {
installcert( ) {
_main_domain = " $1 "
if [ -z " $_main_domain " ] ; then
_usage " Usage: $PROJECT_ENTRY --installcert -d domain.com [--ecc] [--cert-file cert-file-path] [--key-file key-file-path] [--ca-file ca-cert-file-path] [ --reloadCmd reloadCmd] [--fullchain-file fullchain-path ] "
_usage " Usage: $PROJECT_ENTRY --install-cert --domain <domain.tld> [--ecc] [--cert-file <file>] [--key-file <file>] [--ca-file <file>] [ --reloadcmd <command>] [--fullchain-file <file> ] "
return 1
fi
@ -5669,7 +5670,7 @@ uninstallcronjob() {
revoke( ) {
Le_Domain = " $1 "
if [ -z " $Le_Domain " ] ; then
_usage " Usage: $PROJECT_ENTRY --revoke -d domain.com [--ecc] "
_usage " Usage: $PROJECT_ENTRY --revoke --domain <domain.tld> [--ecc] "
return 1
fi
@ -5740,7 +5741,7 @@ revoke() {
remove( ) {
Le_Domain = " $1 "
if [ -z " $Le_Domain " ] ; then
_usage " Usage: $PROJECT_ENTRY --remove -d domain.com [--ecc] "
_usage " Usage: $PROJECT_ENTRY --remove --domain <domain.tld> [--ecc] "
return 1
fi
@ -5900,7 +5901,7 @@ deactivate() {
_initAPI
_debug _d_domain_list " $_d_domain_list "
if [ -z " $( echo $_d_domain_list | cut -d , -f 1) " ] ; then
_usage " Usage: $PROJECT_ENTRY --deactivate -d domain.com [-d domain.com ] "
_usage " Usage: $PROJECT_ENTRY --deactivate --domain <domain.tld> [--domain <domain2.tld> ... ] "
return 1
fi
for _d_dm in $( echo " $_d_domain_list " | tr ',' ' ' ) ; do
@ -6360,7 +6361,7 @@ setnotify() {
_initpath
if [ -z " $_nhook $_nlevel $_nmode " ] ; then
_usage " Usage: $PROJECT_ENTRY --set-notify [--notify-hook mailgun] [--notify-level $NOTIFY_LEVEL_DEFAULT ] [--notify-mode $NOTIFY_MODE_DEFAULT ] "
_usage " Usage: $PROJECT_ENTRY --set-notify [--notify-hook <hookname>] [--notify-level <0|1|2|3>] [--notify-mode <0|1> ] "
_usage " $_NOTIFY_WIKI "
return 1
fi
@ -6399,146 +6400,140 @@ setnotify() {
showhelp( ) {
_initpath
version
echo " Usage: $PROJECT_ENTRY command ...[parameters]....
echo " Usage: $PROJECT_ENTRY <command> ... [parameters ...]
Commands:
--help, -h Show this help message.
--version, -v Show version info.
-h, - -help Show this help message.
-v, - -version Show version info.
--install Install $PROJECT_NAME to your system.
--uninstall Uninstall $PROJECT_NAME , and uninstall the cron job.
--upgrade Upgrade $PROJECT_NAME to the latest code from $PROJECT .
--issue Issue a cert.
--signcsr Issue a cert from an existing csr.
--deploy Deploy the cert to your server.
--install-cert Install the issued cert to apache/nginx or any other server.
--renew, -r Renew a cert.
-i, - -install-cert Install the issued cert to apache/nginx or any other server.
-r, - -renew Renew a cert.
--renew-all Renew all the certs.
--revoke Revoke a cert.
--remove Remove the cert from list of certs known to $PROJECT_NAME .
--list List all the certs.
--showcsr Show the content of a csr .
--install-cronjob Install the cron job to renew certs, you don't need to call this. The ' install' command can automatically install the cron job .
--uninstall-cronjob Uninstall the cron job. The 'uninstall' command can do this automatically .
--cron Run cron job to renew all the certs .
--toPkcs Export the certificate and key to a pfx fil e.
--toPkcs8 Convert to pkcs8 format .
--to-pkcs12 Export the certificate and key to a pfx file .
--to-pkcs8 Convert to pkcs8 format .
--sign-csr Issue a cert from an existing csr .
--show-csr Show the content of a csr .
-ccr, --create-csr Create CSR, professional us e.
--create-domain-key Create an domain private key, professional use .
--update-account Update account info.
--register-account Register account key.
--deactivate-account Deactivate the account.
--create-account-key Create an account private key, professional use.
--create-domain-key Create an domain private key, professional use .
--createCSR, -ccsr Create CSR , professional use .
--deactivate Deactivate the domain authz, professional use .
--install-cronjob Install the cron job to renew certs, you don't need to call this. The ' install' command can automatically install the cron job .
--uninstall-cronjob Uninstall the cron job. The 'uninstall' command can do this automatically .
--cron Run cron job to renew all the certs .
--set-notify Set the cron notification hook, level or mode.
--set-default-ca Used with '--server' , to set the default CA to use to use.
--deactivate Deactivate the domain authz, professional use.
--set-default-ca Used with '--server' , to set the default CA to use to use.
Parameters:
--domain, -d domain.tld Specifies a domain, used to issue, renew or revoke etc.
--challenge-alias domain.tld The challenge domain alias for DNS alias mode.
-d, --domain <domain.tld> Specifies a domain, used to issue, renew or revoke etc.
--challenge-alias <domain.tld> The challenge domain alias for DNS alias mode.
See: $_DNS_ALIAS_WIKI
--domain-alias domain.tld The domain alias for DNS alias mode.
--domain-alias <domain.tld> The domain alias for DNS alias mode.
See: $_DNS_ALIAS_WIKI
--preferred-chain CHAIN If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common Name.
--preferred-chain <chain> If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common Name.
If no match, the default offered chain will be used. ( default: empty)
See: $_PREFERRED_CHAIN_WIKI
--force, -f Used to force to install or force to renew a cert immediately .
--staging, --test Use staging server, just for test.
--debug Output debug info .
-f, --force Force install, force cert renewal or override sudo restrictions .
--staging, --test Use staging server, for testing .
--debug [ 0| 1| 2| 3] Output debug info. Defaults to 1 if argument is omitted .
--output-insecure Output all the sensitive messages.
By default all the credentials/sensitive messages are hidden from the output/debug/log for security.
--webroot, -w /path/to/webroot Specifies the web root folder for web root mode.
-w, --webroot <directory> Specifies the web root folder for web root mode.
--standalone Use standalone mode.
--alpn Use standalone alpn mode.
--stateless Use stateless mode.
See: $_STATELESS_WIKI
--apache Use apache mode.
--dns [ dns_hook] Use dns mode or dns api.
--dns [ dns_hook] Use dns manual m ode or dns api. Defaults to manual mode when argument is omitted.
See: $_DNS_API_WIKI
--dnssleep 300 The time in seconds to wait for all the txt records to propagate in dns api mode.
--dnssleep <seconds> The time in seconds to wait for all the txt records to propagate in dns api mode.
It' s not necessary to use this by default, $PROJECT_NAME polls dns status by DOH automatically.
--keylength, -k [ 2048] Specifies the domain key length: 2048, 3072, 4096, 8192 or ec-256, ec-384, ec-521.
--accountkeylength, -ak [ 2048] Specifies the account key length: 2048, 3072, 4096
--log [ /path/to/logfile] Specifies the log file. The default is: \" $DEFAULT_LOG_FILE \" if you don' t give a file path here.
--log-level 1| 2 Specifies the log level, default is 1.
--syslog [ 0| 3| 6| 7] Syslog level, 0: disable syslog, 3: error, 6: info, 7: debug.
--eab-kid EAB_KID Key Identifier for External Account Binding.
--eab-hmac-key EAB_HMAC_KEY HMAC key for External Account Binding.
-k, --keylength <bits> Specifies the domain key length: 2048, 3072, 4096, 8192 or ec-256, ec-384, ec-521.
-ak, --accountkeylength <bits> Specifies the account key length: 2048, 3072, 4096
--log [ file] Specifies the log file. Defaults to \" $DEFAULT_LOG_FILE \" if argument is omitted.
--log-level <1| 2> Specifies the log level, default is 1.
--syslog <0| 3| 6| 7> Syslog level, 0: disable syslog, 3: error, 6: info, 7: debug.
--eab-kid <eab_key_id> Key Identifier for External Account Binding.
--eab-hmac-key <eab_hmac_key> HMAC key for External Account Binding.
These parameters are to install the cert to nginx/apache or any other server after issue/renew a cert:
--cert-file After issue/renew, the cert will be copied to this path.
--key-file After issue/renew, the key will be copied to this path.
--ca-file After issue/renew, the intermediate cert will be copied to this path.
--fullchain-file After issue/renew, the fullchain cert will be copied to this path.
--cert-file <file> Path to copy the cert file to after issue/renew..
--key-file <file> Path to copy the key file to after issue/renew.
--ca-file <file> Path to copy the intermediate cert file to after issue/renew.
--fullchain-file <file> Path to copy the fullchain cert file to after issue/renew.
--reloadcmd <command> Command to execute after issue/renew to reload the server.
--reloadcmd \" service nginx reload\" After issue/renew, it' s used to reload the server.
--server SERVER ACME Directory Resource URI. ( default: $DEFAULT_CA )
--server <server_uri> ACME Directory Resource URI. ( default: $DEFAULT_CA )
See: $_SERVER_WIKI
--accountconf Specifies a customized account config file.
--home Specifies the home dir for $PROJECT_NAME .
--cert-home Specifies the home dir to save all the certs, only valid for '--install' command.
--config-home Specifies the home dir to save all the configurations.
--useragent Specifies the user agent string. it will be saved for future use too.
--accountemail, -m Specifies the account email, only valid for the '--install' and '--update-account' command.
--accountkey Specifies the account key path, only valid for the '--install' command.
--days Specifies the days to renew the cert when using '--issue' command. The default value is $DEFAULT_RENEW days.
--httpport Specifies the standalone listening port. Only valid if the server is behind a reverse proxy or load balancer.
--tlsport Specifies the standalone tls listening port. Only valid if the server is behind a reverse proxy or load balancer.
--local-address Specifies the standalone/tls server listening address, in case you have multiple ip addresses.
--accountconf <file> Specifies a customized account config file.
--home <directory> Specifies the home dir for $PROJECT_NAME .
--cert-home <directory> Specifies the home dir to save all the certs, only valid for '--install' command.
--config-home <directory> Specifies the home dir to save all the configurations.
--useragent <string> Specifies the user agent string. it will be saved for future use too.
-m, --accountemail <email> Specifies the account email, only valid for the '--install' and '--update-account' command.
--accountkey <file> Specifies the account key path, only valid for the '--install' command.
--days <ndays> Specifies the days to renew the cert when using '--issue' command. The default value is $DEFAULT_RENEW days.
--httpport <port> Specifies the standalone listening port. Only valid if the server is behind a reverse proxy or load balancer.
--tlsport <port> Specifies the standalone tls listening port. Only valid if the server is behind a reverse proxy or load balancer.
--local-address <ip> Specifies the standalone/tls server listening address, in case you have multiple ip addresses.
--listraw Only used for '--list' command, list the certs in raw format.
--stopRenewOnError, -se Only valid for '--renew-all' command. Stop if one cert has error in renewal.
-se, --stop-renew-on-error Only valid for '--renew-all' command. Stop if one cert has error in renewal.
--insecure Do not check the server certificate, in some devices, the api server' s certificate may not be trusted.
--ca-bundle Specifies the path to the CA certificate bundle to verify api server' s certificate.
--ca-path Specifies directory containing CA certificates in PEM format, used by wget or curl.
--ca-bundle <file> Specifies the path to the CA certificate bundle to verify api server' s certificate.
--ca-path <directory> Specifies directory containing CA certificates in PEM format, used by wget or curl.
--nocron Only valid for '--install' command, which means: do not install the default cron job.
In this case , the certs will not be renewed automatically.
--noprofile Only valid for '--install' command, which means: do not install aliases to user profile.
--no-color Do not output color text.
--force-color Force output of color text. Useful for non-interactive use with the aha tool for HTML E-Mails.
--ecc Specifies to use the ECC cert. Valid for '--install-cert' , '--renew' , '--revoke' , '--toPkcs' and '--createCSR '
--csr Specifies the input csr.
--pre-hook Command to be run before obtaining any certificates.
--post-hook Command to be run after attempting to obtain/renew certificates. No matter the obtain/renew is success or failed.
--renew-hook Command to be run once for each successfully renewed certificate.
--deploy-hook The hook file to deploy cert
--ocsp-must-staple, --ocsp Generate ocsp must Staple extension.
--always-force-new-domain-key Generate new domain key whe n renewal. Otherwise, the domain key is not changed by default.
--auto-upgrade [ 0| 1] Valid for '--upgrade' command, indicating whether to upgrade automatically in future.
--ecc Specifies to use the ECC cert. Valid for '--install-cert' , '--renew' , '--revoke' , '--to-pkcs12' and '--create-csr '
--csr <file> Specifies the input csr.
--pre-hook <command> Command to be run before obtaining any certificates.
--post-hook <command> Command to be run after attempting to obtain/renew certificates. Runs regardless of whether obtain/renew succeeded or failed.
--renew-hook <command> Command to be run after each successfully renewed certificate.
--deploy-hook <hookname> The hook file to deploy cert
--ocsp, --ocsp-must-staple Generate OCSP-Must- Staple extension.
--always-force-new-domain-key Generate new domain key o n renewal. Otherwise, the domain key is not changed by default.
--auto-upgrade [ 0| 1] Valid for '--upgrade' command, indicating whether to upgrade automatically in future. Defaults to 1 if argument is omitted.
--listen-v4 Force standalone/tls server to listen at ipv4.
--listen-v6 Force standalone/tls server to listen at ipv6.
--openssl-bin Specifies a custom openssl bin location.
--openssl-bin <file> Specifies a custom openssl bin location.
--use-wget Force to use wget, if you have both curl and wget installed.
--yes-I-know-dns-manual-mode-enough-go-ahead-please Force to use dns manual mode.
--yes-I-know-dns-manual-mode-enough-go-ahead-please Force use of dns manual mode.
See: $_DNS_MANUAL_WIKI
--branch, -b Only valid for '--upgrade' command, specifies the branch name to upgrade to.
--notify-level 0| 1| 2| 3 Set the notification level: Default value is $NOTIFY_LEVEL_DEFAULT .
-b, --branch <branch> Only valid for '--upgrade' command, specifies the branch name to upgrade to.
--notify-level <0| 1| 2| 3> Set the notification level: Default value is $NOTIFY_LEVEL_DEFAULT .
0: disabled, no notification will be sent.
1: send notifications only when there is an error.
2: send notifications when a cert is successfully renewed, or there is an error.
3: send notifications when a cert is skipped, renewed, or error.
--notify-mode 0| 1 Set notification mode. Default value is $NOTIFY_MODE_DEFAULT .
--notify-mode <0| 1> Set notification mode. Default value is $NOTIFY_MODE_DEFAULT .
0: Bulk mode. Send all the domain' s notifications in one message( mail) .
1: Cert mode. Send a message for every single cert.
--notify-hook [ hookname] Set the notify hook
--revoke-reason [ 0-10] The reason for '--revoke' command.
--notify-hook <hookname> Set the notify hook
--revoke-reason <0-10> The reason for revocation, can be used in conjunction with the '--revoke' command.
See: $_REVOKE_WIKI
--password <password> Add a password to exported pfx file. Use with --to-pkcs12.
"
}
@ -6796,19 +6791,19 @@ _process() {
--deploy)
_CMD = "deploy"
; ;
--signcsr)
--sign-csr | --sign csr)
_CMD = "signcsr"
; ;
--showcsr)
--show-csr | --show csr)
_CMD = "showcsr"
; ;
-- installcert | -i | --install- cert)
-i | - -install-cert | --installcert)
_CMD = "installcert"
; ;
--renew | -r)
_CMD = "renew"
; ;
--renewAll | --renewall | --renew- all)
--renew-all | --renewAll | --renew all)
_CMD = "renewAll"
; ;
--revoke)
@ -6820,37 +6815,37 @@ _process() {
--list)
_CMD = "list"
; ;
--installcronjob | --install- cronjob)
--install- cronjob | --installcronjob)
_CMD = "installcronjob"
; ;
--uninstallcronjob | --uninstall- cronjob)
--uninstall- cronjob | --uninstallcronjob)
_CMD = "uninstallcronjob"
; ;
--cron)
_CMD = "cron"
; ;
--toPkcs)
--to-pkcs12 | --to-pkcs | --to Pkcs)
_CMD = "toPkcs"
; ;
--toPkcs8)
--to-pkcs8 | --to Pkcs8)
_CMD = "toPkcs8"
; ;
--createAccountKey | --createaccountkey | -cak | --create-account-key )
--create-account-key | --create AccountKey | --createaccountkey | -cak)
_CMD = "createAccountKey"
; ;
--createDomainKey | --createdomainkey | -cdk | --create-domain-key )
--create-domain-key | --create DomainKey | --createdomainkey | -cdk)
_CMD = "createDomainKey"
; ;
--createCSR | --createcsr | -cc r)
-ccr | --create-csr | - -createCSR | --createcsr)
_CMD = "createCSR"
; ;
--deactivate)
_CMD = "deactivate"
; ;
--updateaccount | --update- account)
--update- account | --updateaccount)
_CMD = "updateaccount"
; ;
--registeraccount | --register- account)
--register- account | --registeraccount)
_CMD = "registeraccount"
; ;
--deactivate-account)
@ -6862,7 +6857,7 @@ _process() {
--set-default-ca)
_CMD = "setdefaultca"
; ;
-- domain | -d)
-d | -- domain )
_dvalue = " $2 "
if [ " $_dvalue " ] ; then
@ -6893,7 +6888,7 @@ _process() {
shift
; ;
-- force | -f)
-f | -- force )
FORCE = "1"
; ;
--staging | --test)
@ -6915,7 +6910,7 @@ _process() {
--output-insecure)
export OUTPUT_INSECURE = 1
; ;
-- webroot | -w)
-w | -- webroot )
wvalue = " $2 "
if [ -z " $_webroot " ] ; then
_webroot = " $wvalue "
@ -7005,7 +7000,7 @@ _process() {
_keylength = " $2 "
shift
; ;
-- account keylength | -ak)
-ak | -- account keylength )
_accountkeylength = " $2 "
shift
; ;
@ -7043,7 +7038,7 @@ _process() {
LE_WORKING_DIR = " $2 "
shift
; ;
--certhome | --cert- home)
--cert- home | --certhome)
_certhome = " $2 "
CERT_HOME = " $_certhome "
shift
@ -7058,7 +7053,7 @@ _process() {
USER_AGENT = " $_useragent "
shift
; ;
--accounte mail | -m)
-m | --accounte mail )
_accountemail = " $2 "
ACCOUNT_EMAIL = " $_accountemail "
shift
@ -7086,7 +7081,7 @@ _process() {
--listraw)
_listraw = "raw"
; ;
--stopRenewOnError | --stoprenewonerror | -se )
-se | --stop-renew-on-error | - -stopRenewOnError | --stoprenewonerror)
_stopRenewOnError = "1"
; ;
--insecure)