Mirror
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4721 Commits
8 Branches
43 Tags
27 MiB
 
Tree: 862b5982e4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '862b5982e4'
${ noResults }
acme.sh/deploy/localhost.sh

103 lines
2.3 KiB
Raw Blame History

#!/usr/bin/bash
#
# Deploy cert to localhost similar to certbot behavior
#
# export DEPLOY_LOCALHOST_ROOT_PATH="/path/to/certs"
#
# Deploys as:
# /path/to/certs/domain.tld/privkey.pem
# /path/to/certs/domain.tld/cert.pem
# /path/to/certs/domain.tld/ca.pem
# /path/to/certs/domain.tld/fullchain.pem
#
# $1=domain $2=keyfile $3=certfile $4=cafile $5=fullchain
#
localhost_deploy() {
_cdomain="$1"
_ckey="$2"
_ccert="$3"
_cca="$4"
_cfullchain="$5"
_debug _cdomain "$_cdomain"
_debug _ckey "$_ckey"
_debug _ccert "$_ccert"
_debug _cca "$_cca"
_debug _cfullchain "$_cfullchain"
_getdeployconf DEPLOY_LOCALHOST_ROOT_PATH
_debug DEPLOY_LOCALHOST_ROOT_PATH "$DEPLOY_LOCALHOST_ROOT_PATH"
if [ -z "$_cdomain" ]; then
_err "Domain not defined"
return 1
fi
if [ -z "$DEPLOY_LOCALHOST_ROOT_PATH" ]; then
_err "DEPLOY_LOCALHOST_ROOT_PATH not defined"
return 1
fi
_ssl_path="$DEPLOY_LOCALHOST_ROOT_PATH"
if [ ! -d "$_ssl_path" ]; then
_err "Path not found: $_ssl_path"
return 1
fi
_savedeployconf DEPLOY_LOCALHOST_ROOT_PATH "$DEPLOY_LOCALHOST_ROOT_PATH"
_ssl_path="$_ssl_path/$_cdomain"
mkdir -p "$_ssl_path"
# ECC or RSA
length=$(_readdomainconf Le_Keylength)
if _isEccKey "$length"; then
_info "ECC key type detected"
_file_prefix="ecdsa-"
else
_info "RSA key type detected"
_file_prefix=""
fi
_info "Copying cert files..."
# {$2} _ckey
_filename="$_ssl_path/${_file_prefix}privkey.pem"
if ! cat "$_ckey" > "$_filename"; then
err "Error: Can't write $_filename"
return 1
fi
if ! chmod 600 "$_filename"; then
err "Error: Can't set protected 600 permission on privkey.pem"
rm -f "$_filename"
return 1
fi
# {$3} _ccert
_filename="$_ssl_path/${_file_prefix}cert.pem"
if ! cat "$_ccert" > "$_filename"; then
err "Error: Can't write $_filename"
return 1
fi
# {$4} _cca
_filename="$_ssl_path/${_file_prefix}ca.pem"
if ! cat "$_cca" > "$_filename"; then
err "Error: Can't write $_filename"
return 1
fi
# {$5} _cfullchain
_filename="$_ssl_path/${_file_prefix}fullchain.pem"
if ! cat "$_cfullchain" > "$_filename"; then
err "Error: Can't write $_filename"
return 1
fi
_info "Done: Cert files copied to $_ssl_path/"
return 0
}