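--- a/alcasar-importcert.sh
+++ b/alcasar-importcert.sh
@@ -0,0 +1,132 @@
+#!/bin/sh
+
+# alcasar-importcert.sh
+# by Raphaël, Hugo, Clément, Bettyna
+
+# This script is distributed under the Gnu General Public License (GPL)
+
+# Script permettant
+# - d'importer des certificats sur Alcasar
+
+# This script allows
+# - to import certificate in Alcasar
+
+SED="/bin/sed -ri"
+
+DIR_CERT="/etc/pki/tls"
+
+usage="Usage: alcasar-importcert.sh -i YourCertificate.crt -k YourAlcasar.key -c Chaîne.com"
+
+nb_args=$#
+args=$1
+args1=$3
+args2=$5
+cert=$2
+key=$4
+sc=$6
+
+function domainName() # change the domain name in the conf files
+{
+
+ndd=$(openssl x509 -noout -subject -in $cert | sed -n '/^subject/s/^.*CN=//p')
+echo $ndd
+if [ "$ndd" != "" ]
+then
+$SED "s/^DOMAIN=.*/DOMAIN=$ndd/g" /usr/local/etc/alcasar.conf
+$SED "s/\.([a-zA-Z][a-zA-Z0-9-]+(\.[a-z]{2,4})?)/.$ndd/g" /etc/hosts
+$SED "s/alcasar\.([a-zA-Z0-9-]+(\.[a-z]{2,4})?)/alcasar.$ndd/g" /etc/chilli.conf
+$SED "s/^domain.*/domain\t\t$ndd/g" /etc/chilli.conf
+$SED "s/^ServerName.*/ServerName alcasar.$ndd/g" /etc/httpd/conf/httpd.conf
+fi
+}
+
+function certImport()
+{
+cd $DIR_CERT
+
+if [ ! -f "/etc/pki/tls/certs/alcasar.crt.old" ]
+then
+echo "Backup of old cert (alcasar.crt)"
+mv certs/alcasar.crt certs/alcasar.crt.old
+fi
+if [ ! -f "/etc/pki/tls/private/alcasar.key.old" ]
+then
+echo "Backup of old private key (alcasar.key)"
+mv private/alcasar.key private/alcasar.key.old
+fi
+
+cp $cert certs/alcasar.crt
+cp $key private/alcasar.key
+
+chown root:apache certs/alcasar.crt
+chown root:apache private/alcasar.key
+
+chmod 750 certs/alcasar.crt
+chmod 750 private/alcasar.key
+
+if [ "$sc" != "" ]
+then
+echo "cert-chain exists"
+if [ ! -f "/etc/pki/tls/certs/server-chain.crt.old" ]
+then
+echo "Backup of old cert-chain (server-chain.crt)"
+mv certs/server-chain.crt certs/server-chain.crt.old
+fi
+cp $sc certs/server-chain.crt
+chown root:apache certs/server-chain.crt
+chmod 750 certs/server-chain.crt
+fi
+}
+
+if [ $nb_args -eq 0 ] || [ "$cert" == "" ] || [ "$key" == "" ]
+then
+nb_args=1
+args="-h"
+fi
+
+case $args in
+-\? | -h* | --h*)
+echo "$usage"
+exit 0
+;;
+-i)
+echo "You want import the certificate: $2"
+;;
+*)
+echo "Unknown argument: $1"
+echo "$usage"
+exit 1
+;;
+esac
+
+case $args1 in
+-\? | -h* | --h*)
+echo "$usage"
+exit 0
+;;
+-k)
+echo "With the private key: $4"
+;;
+*)
+echo "Unknown argument: $3"
+echo "$usage"
+exit 1
+;;
+esac
+
+if [ "$args2" == "-c" ]
+then
+echo "And the cert-chain: $6"
+if [ "$sc" == "" ]
+then
+echo "! Can't find the file of the chain-cert"
+fi
+else
+echo "Without a cert-chain"
+sc=""
+fi
+
+domainName
+certImport $cert $key $sc
+systemctl restart chilli.service
+systemctl restart httpd.service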
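Review bot: In `domainName` the certificate's CN is pasted unescaped into the `sed -ri` expressions that rewrite alcasar.conf, /etc/hosts, chilli.conf and httpd.conf, so a subject with further fields after the CN, or a CN containing `/` or `&`, alters the sed expression itself; the value should be refused unless it is a plain host name. `certImport` replaces the live certificate and key without checking that either file parses or that the key belongs to the certificate, and both services are restarted regardless. Because it runs `cd $DIR_CERT` first, a relative `-i`/`-k` path that openssl resolved in `domainName` no longer resolves for `cp`, after the old files may already have been moved aside. `chmod 750` puts execute bits on the private key; `640` keeps it readable by root and the apache group only. The checks below are a sketch of what I would add before anything is modified; quoting `"$cert"`, `"$key"` and `"$sc"` throughout would go with it.

```shell
# before domainName / certImport: refuse input that cannot be installed safely
cert_pub=$(openssl x509 -noout -pubkey -in "$cert") || { echo "Invalid certificate: $cert" >&2; exit 1; }
key_pub=$(openssl pkey -pubout -in "$key") || { echo "Invalid private key: $key" >&2; exit 1; }
if [ "$cert_pub" != "$key_pub" ]
then
	echo "The private key does not match the certificate" >&2
	exit 1
fi

# in domainName, after ndd is computed: only a plain host name may reach the sed expressions
case "$ndd" in
	*[!A-Za-z0-9.-]*)
		echo "Unexpected CN in certificate: $ndd" >&2
		exit 1
		;;
esac

# … unchanged: sed rewrites, backups and cp/chown in certImport …

# in certImport: no execute bits; key readable by root and the apache group only
chmod 644 certs/alcasar.crt
chmod 640 private/alcasar.key
```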
Property changes: |
Added: svn:eol-style |
+native |
\ No newline at end of property |
Added: svn:executable |
+* |
\ No newline at end of property |