Subversion Repositories ALCASAR

Rev

Rev 1733 | Go to most recent revision | Details | Last modification | View Log

Rev Author Line No. Line
1710 richard 1 
#!/bin/sh
2 
 
3 
# alcasar-importcert.sh
4 
# by Raphaël, Hugo, Clément, Bettyna
5 
 
6 
# This script is distributed under the Gnu General Public License (GPL)
7 
 
8 
# Script permettant
9 
# - d'importer des certificats sur Alcasar
10 
 
11 
# This script allows
12 
# - to import certificate in Alcasar
13 
 
14 
SED="/bin/sed -ri"
15 
 
16 
DIR_CERT="/etc/pki/tls"
17 
 
18 
usage="Usage: alcasar-importcert.sh -i YourCertificate.crt -k YourAlcasar.key -c Chaîne.com"
19 
 
20 
nb_args=$#
21 
args=$1
22 
args1=$3
23 
args2=$5
24 
cert=$2
25 
key=$4
26 
sc=$6
27 
 
28 
function domainName() # change the domain name in the conf files
29 
{
30 
 
31 
	ndd=$(openssl x509 -noout -subject -in $cert | sed -n '/^subject/s/^.*CN=//p')
32 
	echo $ndd
33 
	if [ "$ndd" != "" ]
34 
	then
35 
		$SED "s/^DOMAIN=.*/DOMAIN=$ndd/g" /usr/local/etc/alcasar.conf
36 
		$SED "s/\.([a-zA-Z][a-zA-Z0-9-]+(\.[a-z]{2,4})?)/.$ndd/g" /etc/hosts
37 
		$SED "s/alcasar\.([a-zA-Z0-9-]+(\.[a-z]{2,4})?)/alcasar.$ndd/g" /etc/chilli.conf
38 
		$SED "s/^domain.*/domain\t\t$ndd/g" /etc/chilli.conf
39 
		$SED "s/^ServerName.*/ServerName alcasar.$ndd/g" /etc/httpd/conf/httpd.conf
40 
	fi
41 
}
42 
 
43 
function certImport()
44 
{
45 
	cd $DIR_CERT
46 
 
47 
	if [ ! -f "/etc/pki/tls/certs/alcasar.crt.old" ]
48 
	then
49 
		echo "Backup of old cert (alcasar.crt)"
50 
		mv certs/alcasar.crt certs/alcasar.crt.old
51 
	fi
52 
	if [ ! -f "/etc/pki/tls/private/alcasar.key.old" ]
53 
	then
54 
		echo "Backup of old private key (alcasar.key)"
55 
		mv private/alcasar.key private/alcasar.key.old
56 
	fi
57 
 
58 
	cp $cert certs/alcasar.crt
59 
	cp $key private/alcasar.key
60 
 
61 
	chown root:apache certs/alcasar.crt
62 
	chown root:apache private/alcasar.key
63 
 
64 
	chmod 750 certs/alcasar.crt
65 
	chmod 750 private/alcasar.key
66 
 
67 
	if [ "$sc" != "" ]
68 
	then
69 
		echo "cert-chain exists"
70 
		if [ ! -f "/etc/pki/tls/certs/server-chain.crt.old" ]
71 
		then
72 
			echo "Backup of old cert-chain (server-chain.crt)"
73 
			mv certs/server-chain.crt certs/server-chain.crt.old
74 
		fi
75 
		cp $sc certs/server-chain.crt
76 
		chown root:apache certs/server-chain.crt
77 
		chmod 750 certs/server-chain.crt
78 
	fi
79 
}
80 
 
81 
if [ $nb_args -eq 0 ] || [ "$cert" == "" ] || [ "$key" == "" ]
82 
then
83 
	nb_args=1
84 
	args="-h"
85 
fi
86 
 
87 
case $args in
88 
	-\? | -h* | --h*)
89 
		echo "$usage"
90 
		exit 0
91 
		;;
92 
	-i)
93 
		echo "You want import the certificate: $2"
94 
		;;
95 
	*)
96 
	echo "Unknown argument: $1"
97 
	echo "$usage"
98 
	exit 1
99 
	;;
100 
esac
101 
 
102 
case $args1 in
103 
	-\? | -h* | --h*)
104 
		echo "$usage"
105 
		exit 0
106 
		;;
107 
	-k)
108 
		echo "With the private key: $4"
109 
		;;
110 
	*)
111 
	echo "Unknown argument: $3"
112 
	echo "$usage"
113 
	exit 1
114 
	;;
115 
esac
116 
 
117 
if [ "$args2" == "-c" ]
118 
then
119 
	echo "And the cert-chain: $6"
120 
	if [ "$sc" == "" ]
121 
	then
122 
		echo "! Can't find the file of the chain-cert"
123 
	fi
124 
else
125 
	echo "Without a cert-chain"
126 
	sc=""
127 
fi
128 
 
129 
domainName
130 
certImport $cert $key $sc
131 
systemctl restart chilli.service
132 
systemctl restart httpd.service