Rev 2259 → Rev 2260

/scripts/alcasar-importcert.sh
1,4 → 1,4
#!/bin/sh
#!/bin/bash
#
# $Id$
#
18,15 → 18,13
SED="/bin/sed -ri"
DIR_CERT="/etc/pki/tls"
CONF_FILE="/usr/local/etc/alcasar.conf"
PRIVATE_IP_MASK=`grep PRIVATE_IP $CONF_FILE|cut -d"=" -f2`
PRIVATE_IP_MASK=`grep ^PRIVATE_IP= $CONF_FILE|cut -d"=" -f2`
PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1`
DEFAULT_FQDN='alcasar.localdomain'
 
usage="Usage: alcasar-importcert.sh -i /path/to/certificate.crt -k /path/to/privatekey.key (-c /path/to/serverchain.crt) || alcasar-importcert.sh -d (Cette utilisation permet de revenir au certificat par default)"
usage="Usage: alcasar-importcert.sh -i /path/to/certificate.crt -k /path/to/privatekey.key [-c /path/to/serverchain.crt]\n alcasar-importcert.sh -d (restore default certificate)"
nb_args=$#
arg1=$1
 
 
function defaultNdd()
{
$SED "s/^HOSTNAME=.*/HOSTNAME=alcasar/g" /usr/local/etc/alcasar.conf
53,8 → 51,6
if [ -f $DIR_CERT/certs/server-chain.crt.old ]
then
mv $DIR_CERT/certs/server-chain.crt.old $DIR_CERT/certs/server-chain.crt
#else
# rm -f $DIR_CERT/certs/server-chain.crt
fi
}
 
62,19 → 58,19
{
fqdn=$(openssl x509 -noout -subject -in $cert | sed -n '/^subject/s/^.*CN=//p' | cut -d'/' -f 1)
 
#check if there is a wildcard in $fqdn
if [[ $fqdn == *"*"* ]];
then
hostname="alcasar"
fqdn=${fqdn/"*"/$hostname}
else
hostname=`echo $fqdn | awk -F'.' '{ print $1 }'`
fi
domain=`echo $fqdn | awk -F'.' '{$1="";OFS=".";print $0}' |sed 's/^.//'`
echo "fqdn=$fqdn hostname=$hostname domain=$domain"
#check if there is a wildcard in $fqdn
if [[ $fqdn == *"*"* ]];
then
hostname="alcasar"
fqdn=${fqdn/"*"/$hostname}
else
hostname=`echo $fqdn | awk -F'.' '{ print $1 }'`
fi
domain=`echo $fqdn | awk -F'.' '{$1="";OFS=".";print $0}' | sed 's/^.//'`
echo "fqdn=$fqdn hostname=$hostname domain=$domain"
 
#check fqdn format
if [[ "$fqdn" != "" && "$domain" != "" && "$hostname" == "alcasar" ]];
#check fqdn format
if [[ "$fqdn" != "" && "$domain" != "" && "$hostname" == "alcasar" ]];
then
$SED "s/^HOSTNAME=.*/HOSTNAME=$hostname/g" /usr/local/etc/alcasar.conf
$SED "s/^DOMAIN=.*/DOMAIN=$domain/g" /usr/local/etc/alcasar.conf
106,16 → 102,16
echo "Backup of old private key (alcasar.key)"
mv $DIR_CERT/private/alcasar.key $DIR_CERT/private/alcasar.key.old
fi
 
cp $cert $DIR_CERT/certs/alcasar.crt
cp $key $DIR_CERT/private/alcasar.key
 
rm $cert $key
 
chown root:apache $DIR_CERT/certs/alcasar.crt
chown root:apache $DIR_CERT/private/alcasar.key
 
chmod 750 $DIR_CERT/certs/alcasar.crt
chmod 750 $DIR_CERT/private/alcasar.key
 
if [ "$sc" != "" ]
then
echo "cert-chain exists"
125,7 → 121,6
mv $DIR_CERT/certs/server-chain.crt $DIR_CERT/certs/server-chain.crt.old
fi
cp $sc $DIR_CERT/certs/server-chain.crt
rm $sc
chown root:apache $DIR_CERT/certs/server-chain.crt
chmod 750 $DIR_CERT/certs/server-chain.crt
fi
134,13 → 129,13
 
if [ $nb_args -eq 0 ]
then
echo "$usage"
echo -e "$usage"
exit 1
fi
 
case $arg1 in
-\? | -h* | --h*)
echo "$usage"
echo -e "$usage"
exit 0
;;
-i)
152,11 → 147,11
 
if [ "$cert" == "" ] || [ "$key" == "" ]
then
echo "$usage"
echo -e "$usage"
exit 1
fi
 
if [ ! -f "$cert" -o ! -f "$key" ]
if [ ! -f "$cert" ] || [ ! -f "$key" ]
then
echo "Certificate and/or private key not found"
exit 1
202,6 → 197,6
fi
;;
*)
echo "$usage"
echo -e "$usage"
;;
esac
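Review bot: The private key is installed with `chmod 750` and `chown root:apache` in the `106,16 → 102,16` hunk, which sets a needless execute bit and lets any process running in the apache group read the TLS key. `chmod 640 $DIR_CERT/private/alcasar.key` is the minimum change; `root:root` with mode 600 would be tighter if the web server reads the key as root before dropping privileges, which this page does not show. In the `62,19 → 58,19` hunk, `$domain` is derived from the certificate's CN and is only checked for being non-empty before it is substituted into the `sed` replacement that rewrites alcasar.conf, so a CN containing `&` or a backslash changes what gets written. Adding `&& "$domain" =~ ^[A-Za-z0-9.-]+$` to the existing `[[ … ]]` test would reject such names. Both enclosing functions begin and end outside the lines shown.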