| 0,0 → 1,132 |
|---|
| #!/bin/sh |
| |
| # alcasar-importcert.sh |
| # by Raphaël, Hugo, Clément, Bettyna |
| |
| # This script is distributed under the Gnu General Public License (GPL) |
| |
| # Script permettant |
| # - d'importer des certificats sur Alcasar |
| |
| # This script allows |
| # - to import certificate in Alcasar |
| |
| SED="/bin/sed -ri" |
| |
| DIR_CERT="/etc/pki/tls" |
| |
| usage="Usage: alcasar-importcert.sh -i YourCertificate.crt -k YourAlcasar.key -c Chaîne.com" |
| |
| nb_args=$# |
| args=$1 |
| args1=$3 |
| args2=$5 |
| cert=$2 |
| key=$4 |
| sc=$6 |
| |
| function domainName() # change the domain name in the conf files |
| { |
| |
| ndd=$(openssl x509 -noout -subject -in $cert | sed -n '/^subject/s/^.*CN=//p') |
| echo $ndd |
| if [ "$ndd" != "" ] |
| then |
| $SED "s/^DOMAIN=.*/DOMAIN=$ndd/g" /usr/local/etc/alcasar.conf |
| $SED "s/\.([a-zA-Z][a-zA-Z0-9-]+(\.[a-z]{2,4})?)/.$ndd/g" /etc/hosts |
| $SED "s/alcasar\.([a-zA-Z0-9-]+(\.[a-z]{2,4})?)/alcasar.$ndd/g" /etc/chilli.conf |
| $SED "s/^domain.*/domain\t\t$ndd/g" /etc/chilli.conf |
| $SED "s/^ServerName.*/ServerName alcasar.$ndd/g" /etc/httpd/conf/httpd.conf |
| fi |
| } |
| |
| function certImport() |
| { |
| cd $DIR_CERT |
| |
| if [ ! -f "/etc/pki/tls/certs/alcasar.crt.old" ] |
| then |
| echo "Backup of old cert (alcasar.crt)" |
| mv certs/alcasar.crt certs/alcasar.crt.old |
| fi |
| if [ ! -f "/etc/pki/tls/private/alcasar.key.old" ] |
| then |
| echo "Backup of old private key (alcasar.key)" |
| mv private/alcasar.key private/alcasar.key.old |
| fi |
| |
| cp $cert certs/alcasar.crt |
| cp $key private/alcasar.key |
| |
| chown root:apache certs/alcasar.crt |
| chown root:apache private/alcasar.key |
| |
| chmod 750 certs/alcasar.crt |
| chmod 750 private/alcasar.key |
| |
| if [ "$sc" != "" ] |
| then |
| echo "cert-chain exists" |
| if [ ! -f "/etc/pki/tls/certs/server-chain.crt.old" ] |
| then |
| echo "Backup of old cert-chain (server-chain.crt)" |
| mv certs/server-chain.crt certs/server-chain.crt.old |
| fi |
| cp $sc certs/server-chain.crt |
| chown root:apache certs/server-chain.crt |
| chmod 750 certs/server-chain.crt |
| fi |
| } |
| |
| if [ $nb_args -eq 0 ] || [ "$cert" == "" ] || [ "$key" == "" ] |
| then |
| nb_args=1 |
| args="-h" |
| fi |
| |
| case $args in |
| -\? | -h* | --h*) |
| echo "$usage" |
| exit 0 |
| ;; |
| -i) |
| echo "You want import the certificate: $2" |
| ;; |
| *) |
| echo "Unknown argument: $1" |
| echo "$usage" |
| exit 1 |
| ;; |
| esac |
| |
| case $args1 in |
| -\? | -h* | --h*) |
| echo "$usage" |
| exit 0 |
| ;; |
| -k) |
| echo "With the private key: $4" |
| ;; |
| *) |
| echo "Unknown argument: $3" |
| echo "$usage" |
| exit 1 |
| ;; |
| esac |
| |
| if [ "$args2" == "-c" ] |
| then |
| echo "And the cert-chain: $6" |
| if [ "$sc" == "" ] |
| then |
| echo "! Can't find the file of the chain-cert" |
| fi |
| else |
| echo "Without a cert-chain" |
| sc="" |
| fi |
| |
| domainName |
| certImport $cert $key $sc |
| systemctl restart chilli.service |
| systemctl restart httpd.service |
| Property changes: |
|---|
| Added: svn:eol-style |
|---|
| +native |
|---|
| \ No newline at end of property |
|---|
| Added: svn:executable |
|---|
| +* |
|---|
| \ No newline at end of property |
|---|