1,4 → 1,4 |
#!/bin/sh |
#!/bin/bash |
# |
# $Id$ |
# |
18,15 → 18,13 |
SED="/bin/sed -ri" |
DIR_CERT="/etc/pki/tls" |
CONF_FILE="/usr/local/etc/alcasar.conf" |
PRIVATE_IP_MASK=`grep PRIVATE_IP $CONF_FILE|cut -d"=" -f2` |
PRIVATE_IP_MASK=`grep ^PRIVATE_IP= $CONF_FILE|cut -d"=" -f2` |
PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1` |
DEFAULT_FQDN='alcasar.localdomain' |
|
usage="Usage: alcasar-importcert.sh -i /path/to/certificate.crt -k /path/to/privatekey.key (-c /path/to/serverchain.crt) || alcasar-importcert.sh -d (Cette utilisation permet de revenir au certificat par default)" |
usage="Usage: alcasar-importcert.sh -i /path/to/certificate.crt -k /path/to/privatekey.key [-c /path/to/serverchain.crt]\n alcasar-importcert.sh -d (restore default certificate)" |
nb_args=$# |
arg1=$1 |
|
|
function defaultNdd() |
{ |
$SED "s/^HOSTNAME=.*/HOSTNAME=alcasar/g" /usr/local/etc/alcasar.conf |
53,8 → 51,6 |
if [ -f $DIR_CERT/certs/server-chain.crt.old ] |
then |
mv $DIR_CERT/certs/server-chain.crt.old $DIR_CERT/certs/server-chain.crt |
#else |
# rm -f $DIR_CERT/certs/server-chain.crt |
fi |
} |
|
62,19 → 58,19 |
{ |
fqdn=$(openssl x509 -noout -subject -in $cert | sed -n '/^subject/s/^.*CN=//p' | cut -d'/' -f 1) |
|
#check if there is a wildcard in $fqdn |
if [[ $fqdn == *"*"* ]]; |
then |
hostname="alcasar" |
fqdn=${fqdn/"*"/$hostname} |
else |
hostname=`echo $fqdn | awk -F'.' '{ print $1 }'` |
fi |
domain=`echo $fqdn | awk -F'.' '{$1="";OFS=".";print $0}' |sed 's/^.//'` |
echo "fqdn=$fqdn hostname=$hostname domain=$domain" |
#check if there is a wildcard in $fqdn |
if [[ $fqdn == *"*"* ]]; |
then |
hostname="alcasar" |
fqdn=${fqdn/"*"/$hostname} |
else |
hostname=`echo $fqdn | awk -F'.' '{ print $1 }'` |
fi |
domain=`echo $fqdn | awk -F'.' '{$1="";OFS=".";print $0}' | sed 's/^.//'` |
echo "fqdn=$fqdn hostname=$hostname domain=$domain" |
|
#check fqdn format |
if [[ "$fqdn" != "" && "$domain" != "" && "$hostname" == "alcasar" ]]; |
#check fqdn format |
if [[ "$fqdn" != "" && "$domain" != "" && "$hostname" == "alcasar" ]]; |
then |
$SED "s/^HOSTNAME=.*/HOSTNAME=$hostname/g" /usr/local/etc/alcasar.conf |
$SED "s/^DOMAIN=.*/DOMAIN=$domain/g" /usr/local/etc/alcasar.conf |
106,16 → 102,16 |
echo "Backup of old private key (alcasar.key)" |
mv $DIR_CERT/private/alcasar.key $DIR_CERT/private/alcasar.key.old |
fi |
|
cp $cert $DIR_CERT/certs/alcasar.crt |
cp $key $DIR_CERT/private/alcasar.key |
|
rm $cert $key |
|
chown root:apache $DIR_CERT/certs/alcasar.crt |
chown root:apache $DIR_CERT/private/alcasar.key |
|
chmod 750 $DIR_CERT/certs/alcasar.crt |
chmod 750 $DIR_CERT/private/alcasar.key |
|
if [ "$sc" != "" ] |
then |
echo "cert-chain exists" |
125,7 → 121,6 |
mv $DIR_CERT/certs/server-chain.crt $DIR_CERT/certs/server-chain.crt.old |
fi |
cp $sc $DIR_CERT/certs/server-chain.crt |
rm $sc |
chown root:apache $DIR_CERT/certs/server-chain.crt |
chmod 750 $DIR_CERT/certs/server-chain.crt |
fi |
134,13 → 129,13 |
|
if [ $nb_args -eq 0 ] |
then |
echo "$usage" |
echo -e "$usage" |
exit 1 |
fi |
|
case $arg1 in |
-\? | -h* | --h*) |
echo "$usage" |
echo -e "$usage" |
exit 0 |
;; |
-i) |
152,11 → 147,11 |
|
if [ "$cert" == "" ] || [ "$key" == "" ] |
then |
echo "$usage" |
echo -e "$usage" |
exit 1 |
fi |
|
if [ ! -f "$cert" -o ! -f "$key" ] |
if [ ! -f "$cert" ] || [ ! -f "$key" ] |
then |
echo "Certificate and/or private key not found" |
exit 1 |
202,6 → 197,6 |
fi |
;; |
*) |
echo "$usage" |
echo -e "$usage" |
;; |
esac |
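Review bot: In the `106,16 → 102,16` hunk the private key is created by `cp $key $DIR_CERT/private/alcasar.key` and only tightened afterwards by `chown root:apache` and `chmod 750`. Until those run, the new file carries a mode derived from the source file and the umask, and the final mode sets execute bits that a key file never needs. Creating the file with its final owner and mode in one step closes that window: `install -m 640 -o root -g apache -- "$key" "$DIR_CERT/private/alcasar.key"`. The same pattern applies to `alcasar.crt` and to `server-chain.crt` in the `125,7 → 121,6` hunk. The unquoted `$cert`, `$key` and `$sc` in `cp` and `rm` should also be quoted, so that a path containing spaces or glob characters cannot make `rm` remove something other than the imported files. The enclosing function starts outside this hunk, so whether the umask is set earlier is not visible here.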