|
|
@ -4098,10 +4098,9 @@ issue() { |
|
|
_savedomainconf "Le_Domain" "$_main_domain" |
|
|
_savedomainconf "Le_Domain" "$_main_domain" |
|
|
_savedomainconf "Le_Alt" "$_alt_domains" |
|
|
_savedomainconf "Le_Alt" "$_alt_domains" |
|
|
_savedomainconf "Le_Webroot" "$_web_roots" |
|
|
_savedomainconf "Le_Webroot" "$_web_roots" |
|
|
|
|
|
|
|
|
_savedomainconf "Le_PreHook" "$_pre_hook" "base64" |
|
|
|
|
|
_savedomainconf "Le_PostHook" "$_post_hook" "base64" |
|
|
|
|
|
_savedomainconf "Le_RenewHook" "$_renew_hook" "base64" |
|
|
|
|
|
|
|
|
_savedomainconf "Le_PreHook" "$ACMESH_PRE_HOOK" "base64" |
|
|
|
|
|
_savedomainconf "Le_PostHook" "$ACMESH_POST_HOOK" "base64" |
|
|
|
|
|
_savedomainconf "Le_RenewHook" "$ACMESH_RENEW_HOOK" "base64" |
|
|
|
|
|
|
|
|
if [ "$_local_addr" ]; then |
|
|
if [ "$_local_addr" ]; then |
|
|
_savedomainconf "Le_LocalAddress" "$_local_addr" |
|
|
_savedomainconf "Le_LocalAddress" "$_local_addr" |
|
|
@ -4131,7 +4130,7 @@ issue() { |
|
|
_key_length="" |
|
|
_key_length="" |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
if ! _on_before_issue "$_web_roots" "$_main_domain" "$_alt_domains" "$_pre_hook" "$_local_addr"; then |
|
|
|
|
|
|
|
|
if ! _on_before_issue "$_web_roots" "$_main_domain" "$_alt_domains" "$ACMESH_PRE_HOOK" "$_local_addr"; then |
|
|
_err "_on_before_issue." |
|
|
_err "_on_before_issue." |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
@ -4141,7 +4140,7 @@ issue() { |
|
|
|
|
|
|
|
|
if [ -z "$ACCOUNT_URL" ] || [ -z "$_saved_account_key_hash" ] || [ "$_saved_account_key_hash" != "$(__calcAccountKeyHash)" ]; then |
|
|
if [ -z "$ACCOUNT_URL" ] || [ -z "$_saved_account_key_hash" ] || [ "$_saved_account_key_hash" != "$(__calcAccountKeyHash)" ]; then |
|
|
if ! _regAccount "$_accountkeylength"; then |
|
|
if ! _regAccount "$_accountkeylength"; then |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
else |
|
|
else |
|
|
@ -4157,7 +4156,7 @@ issue() { |
|
|
if ! createDomainKey "$_main_domain" "$_key_length"; then |
|
|
if ! createDomainKey "$_main_domain" "$_key_length"; then |
|
|
_err "Create domain key error." |
|
|
_err "Create domain key error." |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
@ -4165,7 +4164,7 @@ issue() { |
|
|
if ! _createcsr "$_main_domain" "$_alt_domains" "$CERT_KEY_PATH" "$CSR_PATH" "$DOMAIN_SSL_CONF"; then |
|
|
if ! _createcsr "$_main_domain" "$_alt_domains" "$CERT_KEY_PATH" "$CSR_PATH" "$DOMAIN_SSL_CONF"; then |
|
|
_err "Create CSR error." |
|
|
_err "Create CSR error." |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
@ -4195,7 +4194,7 @@ issue() { |
|
|
if ! _send_signed_request "$ACME_NEW_ORDER" "{\"identifiers\": [$_identifiers]}"; then |
|
|
if ! _send_signed_request "$ACME_NEW_ORDER" "{\"identifiers\": [$_identifiers]}"; then |
|
|
_err "Create new order error." |
|
|
_err "Create new order error." |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n " | cut -d ":" -f 2-)" |
|
|
Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n " | cut -d ":" -f 2-)" |
|
|
@ -4205,7 +4204,7 @@ issue() { |
|
|
if [ -z "$Le_OrderFinalize" ]; then |
|
|
if [ -z "$Le_OrderFinalize" ]; then |
|
|
_err "Create new order error. Le_OrderFinalize not found. $response" |
|
|
_err "Create new order error. Le_OrderFinalize not found. $response" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -4217,7 +4216,7 @@ issue() { |
|
|
if [ -z "$_authorizations_seg" ]; then |
|
|
if [ -z "$_authorizations_seg" ]; then |
|
|
_err "_authorizations_seg not found." |
|
|
_err "_authorizations_seg not found." |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -4230,7 +4229,7 @@ issue() { |
|
|
_err "_authorizations_seg" "$_authorizations_seg" |
|
|
_err "_authorizations_seg" "$_authorizations_seg" |
|
|
_err "_authz_url" "$_authz_url" |
|
|
_err "_authz_url" "$_authz_url" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -4294,13 +4293,13 @@ $_authorizations_map" |
|
|
_err "get to authz error." |
|
|
_err "get to authz error." |
|
|
_err "_authorizations_map" "$_authorizations_map" |
|
|
_err "_authorizations_map" "$_authorizations_map" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
else |
|
|
else |
|
|
if ! __get_domain_new_authz "$d"; then |
|
|
if ! __get_domain_new_authz "$d"; then |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
@ -4328,7 +4327,7 @@ $_authorizations_map" |
|
|
_err "The supported validation types are: $_supported_vtypes, but you specified: $vtype" |
|
|
_err "The supported validation types are: $_supported_vtypes, but you specified: $vtype" |
|
|
fi |
|
|
fi |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
@ -4340,7 +4339,7 @@ $_authorizations_map" |
|
|
if [ -z "$token" ]; then |
|
|
if [ -z "$token" ]; then |
|
|
_err "Error, can not get domain token $entry" |
|
|
_err "Error, can not get domain token $entry" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
if [ "$ACME_VERSION" = "2" ]; then |
|
|
if [ "$ACME_VERSION" = "2" ]; then |
|
|
@ -4353,7 +4352,7 @@ $_authorizations_map" |
|
|
if [ -z "$uri" ]; then |
|
|
if [ -z "$uri" ]; then |
|
|
_err "Error, can not get domain uri. $entry" |
|
|
_err "Error, can not get domain uri. $entry" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
keyauthorization="$token.$thumbprint" |
|
|
keyauthorization="$token.$thumbprint" |
|
|
@ -4455,7 +4454,7 @@ $_authorizations_map" |
|
|
) |
|
|
) |
|
|
|
|
|
|
|
|
if [ "$?" != "0" ]; then |
|
|
if [ "$?" != "0" ]; then |
|
|
_on_issue_err "$_post_hook" "$vlist" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" "$vlist" |
|
|
_clearup |
|
|
_clearup |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
@ -4470,7 +4469,7 @@ $_authorizations_map" |
|
|
_savedomainconf "Le_Vlist" "$vlist" |
|
|
_savedomainconf "Le_Vlist" "$vlist" |
|
|
_debug "Dns record not added yet, so, save to $DOMAIN_CONF and exit." |
|
|
_debug "Dns record not added yet, so, save to $DOMAIN_CONF and exit." |
|
|
_err "Please add the TXT records to the domains, and re-run with --renew." |
|
|
_err "Please add the TXT records to the domains, and re-run with --renew." |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
_clearup |
|
|
_clearup |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
@ -4483,7 +4482,7 @@ $_authorizations_map" |
|
|
_sleep 20 |
|
|
_sleep 20 |
|
|
if ! _check_dns_entries; then |
|
|
if ! _check_dns_entries; then |
|
|
_err "check dns error." |
|
|
_err "check dns error." |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
_clearup |
|
|
_clearup |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
@ -4528,7 +4527,7 @@ $_authorizations_map" |
|
|
_startserver "$keyauthorization" "$_ncaddr" |
|
|
_startserver "$keyauthorization" "$_ncaddr" |
|
|
if [ "$?" != "0" ]; then |
|
|
if [ "$?" != "0" ]; then |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" "$vlist" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" "$vlist" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
sleep 1 |
|
|
sleep 1 |
|
|
@ -4543,7 +4542,7 @@ $_authorizations_map" |
|
|
BACKUP_NGINX_CONF="" |
|
|
BACKUP_NGINX_CONF="" |
|
|
if ! _setNginx "$d" "$_currentRoot" "$thumbprint"; then |
|
|
if ! _setNginx "$d" "$_currentRoot" "$thumbprint"; then |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" "$vlist" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" "$vlist" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -4578,7 +4577,7 @@ $_authorizations_map" |
|
|
_err "$d:Can not write token to file : $wellknown_path/$token" |
|
|
_err "$d:Can not write token to file : $wellknown_path/$token" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" "$vlist" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" "$vlist" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -4602,7 +4601,7 @@ $_authorizations_map" |
|
|
_err "Start tls server error." |
|
|
_err "Start tls server error." |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" "$vlist" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" "$vlist" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
@ -4611,7 +4610,7 @@ $_authorizations_map" |
|
|
_err "$d:Can not get challenge: $response" |
|
|
_err "$d:Can not get challenge: $response" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" "$vlist" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" "$vlist" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -4622,7 +4621,7 @@ $_authorizations_map" |
|
|
_err "$d:Challenge error: $response" |
|
|
_err "$d:Challenge error: $response" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" "$vlist" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" "$vlist" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
@ -4638,7 +4637,7 @@ $_authorizations_map" |
|
|
_err "$d:Timeout" |
|
|
_err "$d:Timeout" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" "$vlist" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" "$vlist" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -4654,7 +4653,7 @@ $_authorizations_map" |
|
|
_err "$d:Verify error:$response" |
|
|
_err "$d:Verify error:$response" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" "$vlist" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" "$vlist" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
_debug2 original "$response" |
|
|
_debug2 original "$response" |
|
|
@ -4689,7 +4688,7 @@ $_authorizations_map" |
|
|
fi |
|
|
fi |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" "$vlist" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" "$vlist" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -4701,7 +4700,7 @@ $_authorizations_map" |
|
|
_err "$d:Verify error:$response" |
|
|
_err "$d:Verify error:$response" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" "$vlist" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" "$vlist" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -4718,13 +4717,13 @@ $_authorizations_map" |
|
|
_info "Le_OrderFinalize" "$Le_OrderFinalize" |
|
|
_info "Le_OrderFinalize" "$Le_OrderFinalize" |
|
|
if ! _send_signed_request "${Le_OrderFinalize}" "{\"csr\": \"$der\"}"; then |
|
|
if ! _send_signed_request "${Le_OrderFinalize}" "{\"csr\": \"$der\"}"; then |
|
|
_err "Sign failed." |
|
|
_err "Sign failed." |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
if [ "$code" != "200" ]; then |
|
|
if [ "$code" != "200" ]; then |
|
|
_err "Sign failed, finalize code is not 200." |
|
|
_err "Sign failed, finalize code is not 200." |
|
|
_err "$response" |
|
|
_err "$response" |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
if [ -z "$Le_LinkOrder" ]; then |
|
|
if [ -z "$Le_LinkOrder" ]; then |
|
|
@ -4743,7 +4742,7 @@ $_authorizations_map" |
|
|
if [ -z "$Le_LinkCert" ]; then |
|
|
if [ -z "$Le_LinkCert" ]; then |
|
|
_err "Sign error, can not find Le_LinkCert" |
|
|
_err "Sign error, can not find Le_LinkCert" |
|
|
_err "$response" |
|
|
_err "$response" |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
break |
|
|
break |
|
|
@ -4760,21 +4759,21 @@ $_authorizations_map" |
|
|
else |
|
|
else |
|
|
_err "Sign error, wrong status" |
|
|
_err "Sign error, wrong status" |
|
|
_err "$response" |
|
|
_err "$response" |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
#the order is processing, so we are going to poll order status |
|
|
#the order is processing, so we are going to poll order status |
|
|
if [ -z "$Le_LinkOrder" ]; then |
|
|
if [ -z "$Le_LinkOrder" ]; then |
|
|
_err "Sign error, can not get order link location header" |
|
|
_err "Sign error, can not get order link location header" |
|
|
_err "responseHeaders" "$responseHeaders" |
|
|
_err "responseHeaders" "$responseHeaders" |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
_info "Polling order status: $Le_LinkOrder" |
|
|
_info "Polling order status: $Le_LinkOrder" |
|
|
if ! _send_signed_request "$Le_LinkOrder"; then |
|
|
if ! _send_signed_request "$Le_LinkOrder"; then |
|
|
_err "Sign failed, can not post to Le_LinkOrder cert:$Le_LinkOrder." |
|
|
_err "Sign failed, can not post to Le_LinkOrder cert:$Le_LinkOrder." |
|
|
_err "$response" |
|
|
_err "$response" |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
_link_cert_retry="$(_math $_link_cert_retry + 1)" |
|
|
_link_cert_retry="$(_math $_link_cert_retry + 1)" |
|
|
@ -4783,7 +4782,7 @@ $_authorizations_map" |
|
|
if [ -z "$Le_LinkCert" ]; then |
|
|
if [ -z "$Le_LinkCert" ]; then |
|
|
_err "Sign failed, can not get Le_LinkCert, retry time limit." |
|
|
_err "Sign failed, can not get Le_LinkCert, retry time limit." |
|
|
_err "$response" |
|
|
_err "$response" |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
_info "Downloading cert." |
|
|
_info "Downloading cert." |
|
|
@ -4791,7 +4790,7 @@ $_authorizations_map" |
|
|
if ! _send_signed_request "$Le_LinkCert"; then |
|
|
if ! _send_signed_request "$Le_LinkCert"; then |
|
|
_err "Sign failed, can not download cert:$Le_LinkCert." |
|
|
_err "Sign failed, can not download cert:$Le_LinkCert." |
|
|
_err "$response" |
|
|
_err "$response" |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -4827,7 +4826,7 @@ $_authorizations_map" |
|
|
else |
|
|
else |
|
|
if ! _send_signed_request "${ACME_NEW_ORDER}" "{\"resource\": \"$ACME_NEW_ORDER_RES\", \"csr\": \"$der\"}" "needbase64"; then |
|
|
if ! _send_signed_request "${ACME_NEW_ORDER}" "{\"resource\": \"$ACME_NEW_ORDER_RES\", \"csr\": \"$der\"}" "needbase64"; then |
|
|
_err "Sign failed. $response" |
|
|
_err "Sign failed. $response" |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
_rcert="$response" |
|
|
_rcert="$response" |
|
|
@ -4853,7 +4852,7 @@ $_authorizations_map" |
|
|
if [ -z "$Le_LinkCert" ] || ! _checkcert "$CERT_PATH"; then |
|
|
if [ -z "$Le_LinkCert" ] || ! _checkcert "$CERT_PATH"; then |
|
|
response="$(echo "$response" | _dbase64 "multiline" | tr -d '\0' | _normalizeJson)" |
|
|
response="$(echo "$response" | _dbase64 "multiline" | tr -d '\0' | _normalizeJson)" |
|
|
_err "Sign failed: $(echo "$response" | _egrep_o '"detail":"[^"]*"')" |
|
|
_err "Sign failed: $(echo "$response" | _egrep_o '"detail":"[^"]*"')" |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -4986,7 +4985,7 @@ $_authorizations_map" |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
if ! _on_issue_success "$_post_hook" "$_renew_hook"; then |
|
|
|
|
|
|
|
|
if ! _on_issue_success "$ACMESH_POST_HOOK" "$ACMESH_RENEW_HOOK"; then |
|
|
_err "Call hook error." |
|
|
_err "Call hook error." |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
@ -5264,7 +5263,7 @@ signcsr() { |
|
|
_info "Copy csr to: $CSR_PATH" |
|
|
_info "Copy csr to: $CSR_PATH" |
|
|
cp "$_csrfile" "$CSR_PATH" |
|
|
cp "$_csrfile" "$CSR_PATH" |
|
|
|
|
|
|
|
|
issue "$_csrW" "$_csrsubj" "$_csrdomainlist" "$_csrkeylength" "$_real_cert" "$_real_key" "$_real_ca" "$_reload_cmd" "$_real_fullchain" "$_pre_hook" "$_post_hook" "$_renew_hook" "$_local_addr" "$_challenge_alias" |
|
|
|
|
|
|
|
|
issue "$_csrW" "$_csrsubj" "$_csrdomainlist" "$_csrkeylength" "$_real_cert" "$_real_key" "$_real_ca" "$_reload_cmd" "$_real_fullchain" "$ACMESH_PRE_HOOK" "$ACMESH_POST_HOOK" "$ACMESH_RENEW_HOOK" "$_local_addr" "$_challenge_alias" |
|
|
|
|
|
|
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
@ -5804,7 +5803,7 @@ _deactivate() { |
|
|
if [ -z "$_authorizations_seg" ]; then |
|
|
if [ -z "$_authorizations_seg" ]; then |
|
|
_err "_authorizations_seg not found." |
|
|
_err "_authorizations_seg not found." |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -5815,7 +5814,7 @@ _deactivate() { |
|
|
_err "_authorizations_seg" "$_authorizations_seg" |
|
|
_err "_authorizations_seg" "$_authorizations_seg" |
|
|
_err "authzUri" "$authzUri" |
|
|
_err "authzUri" "$authzUri" |
|
|
_clearup |
|
|
_clearup |
|
|
_on_issue_err "$_post_hook" |
|
|
|
|
|
|
|
|
_on_issue_err "$ACMESH_POST_HOOK" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
@ -7139,14 +7138,17 @@ _process() { |
|
|
;; |
|
|
;; |
|
|
--pre-hook) |
|
|
--pre-hook) |
|
|
_pre_hook="$2" |
|
|
_pre_hook="$2" |
|
|
|
|
|
ACMESH_PRE_HOOK="$_pre_hook" |
|
|
shift |
|
|
shift |
|
|
;; |
|
|
;; |
|
|
--post-hook) |
|
|
--post-hook) |
|
|
_post_hook="$2" |
|
|
_post_hook="$2" |
|
|
|
|
|
ACMESH_POST_HOOK="$_post_hook" |
|
|
shift |
|
|
shift |
|
|
;; |
|
|
;; |
|
|
--renew-hook) |
|
|
--renew-hook) |
|
|
_renew_hook="$2" |
|
|
_renew_hook="$2" |
|
|
|
|
|
ACMESH_RENEW_HOOK="$_renew_hook" |
|
|
shift |
|
|
shift |
|
|
;; |
|
|
;; |
|
|
--deploy-hook) |
|
|
--deploy-hook) |
|
|
@ -7155,6 +7157,7 @@ _process() { |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
_deploy_hook="$_deploy_hook$2," |
|
|
_deploy_hook="$_deploy_hook$2," |
|
|
|
|
|
ACMESH_DEPLOY_HOOK="$_deploy_hook$2" |
|
|
shift |
|
|
shift |
|
|
;; |
|
|
;; |
|
|
--ocsp-must-staple | --ocsp) |
|
|
--ocsp-must-staple | --ocsp) |
|
|
@ -7345,13 +7348,13 @@ _process() { |
|
|
uninstall) uninstall "$_nocron" ;; |
|
|
uninstall) uninstall "$_nocron" ;; |
|
|
upgrade) upgrade ;; |
|
|
upgrade) upgrade ;; |
|
|
issue) |
|
|
issue) |
|
|
issue "$_webroot" "$_domain" "$_altdomains" "$_keylength" "$_cert_file" "$_key_file" "$_ca_file" "$_reloadcmd" "$_fullchain_file" "$_pre_hook" "$_post_hook" "$_renew_hook" "$_local_address" "$_challenge_alias" "$_preferred_chain" |
|
|
|
|
|
|
|
|
issue "$_webroot" "$_domain" "$_altdomains" "$_keylength" "$_cert_file" "$_key_file" "$_ca_file" "$_reloadcmd" "$_fullchain_file" "$ACMESH_PRE_HOOK" "$ACMESH_POST_HOOK" "$ACMESH_RENEW_HOOK" "$_local_address" "$_challenge_alias" "$_preferred_chain" |
|
|
;; |
|
|
;; |
|
|
deploy) |
|
|
deploy) |
|
|
deploy "$_domain" "$_deploy_hook" "$_ecc" |
|
|
|
|
|
|
|
|
deploy "$_domain" "$ACMESH_DEPLOY_HOOK" "$_ecc" |
|
|
;; |
|
|
;; |
|
|
signcsr) |
|
|
signcsr) |
|
|
signcsr "$_csr" "$_webroot" "$_cert_file" "$_key_file" "$_ca_file" "$_reloadcmd" "$_fullchain_file" "$_pre_hook" "$_post_hook" "$_renew_hook" "$_local_address" "$_challenge_alias" |
|
|
|
|
|
|
|
|
signcsr "$_csr" "$_webroot" "$_cert_file" "$_key_file" "$_ca_file" "$_reloadcmd" "$_fullchain_file" "$ACMESH_PRE_HOOK" "$ACMESH_POST_HOOK" "$ACMESH_RENEW_HOOK" "$_local_address" "$_challenge_alias" |
|
|
;; |
|
|
;; |
|
|
showcsr) |
|
|
showcsr) |
|
|
showcsr "$_csr" "$_domain" |
|
|
showcsr "$_csr" "$_domain" |
|
|
|
Miclain Keffeler
5 years ago