WebSVN – ALCASAR – Diff – //scripts/alcasar-importcert.sh



#!/bin/bash
#
# $Id: alcasar-importcert.sh 2488 2018-02-25 14:53:54Z lucas.echard $
#
# alcasar-importcert.sh
# by Raphaël, Hugo, Clément, Bettyna & rexy
#
# This script is distributed under the Gnu General Public License (GPL)

	mv -f $DIR_CERT/private/alcasar.key.old $DIR_CERT/private/alcasar.key
	if [ -f $DIR_CERT/certs/server-chain.crt.old ]
	then
		mv $DIR_CERT/certs/server-chain.crt.old $DIR_CERT/certs/server-chain.crt
	fi
	cat $DIR_CERT/private/alcasar.key $DIR_CERT/certs/alcasar.crt > $DIR_CERT/private/alcasar.pem
	chown root:apache $DIR_CERT/private/alcasar.pem
	chmod 750 $DIR_CERT/private/alcasar.pem
}
 
function domainName() # change the domain name in the conf files
{
	fqdn=$(openssl x509 -noout -subject -in $cert | sed -n '/^subject/s/^.*CN=//p' | cut -d'/' -f 1)

		mv $DIR_CERT/private/alcasar.key $DIR_CERT/private/alcasar.key.old
	fi
 
	cp $cert $DIR_CERT/certs/alcasar.crt
	cp $key $DIR_CERT/private/alcasar.key
	cat $DIR_CERT/private/alcasar.key $DIR_CERT/certs/alcasar.crt > $DIR_CERT/private/alcasar.pem
 
	chown root:apache $DIR_CERT/certs/alcasar.crt
	chown root:apache $DIR_CERT/private/alcasar.key
	chown root:apache $DIR_CERT/private/alcasar.pem
 
	chmod 750 $DIR_CERT/certs/alcasar.crt
	chmod 750 $DIR_CERT/private/alcasar.key
	chmod 750 $DIR_CERT/private/alcasar.pem
 
	if [ "$sc" != "" ]
	then
		echo "cert-chain exists"
		if [ ! -f "$DIR_CERT/certs/server-chain.crt.old" ]

			fi
			echo "Importing certificate $cert with private key $key and server-chain $sc"
		fi
		domainName $cert
		certImport $cert $key $sc
		for services in chilli dnsmasq dnsmasq-blackhole dnsmasq-blacklist dnsmasq-whitelist lighttpd
		do
			echo "restarting $services"; systemctl restart $services; sleep 1
		done
		;;
	-d)
		if [ -f "/etc/pki/tls/certs/alcasar.crt.old" -a -f "/etc/pki/tls/private/alcasar.key.old" ]
		then
			echo "Restoring default certificate"
			defaultCert
			defaultNdd
			for services in chilli dnsmasq dnsmasq-blackhole dnsmasq-blacklist dnsmasq-whitelist lighttpd
			do
				echo "restarting $services"; systemctl restart $services; sleep 1
			done
		fi
		;;

Rev 2472	Rev 2488
Line 1...	Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`#`	2	`#`
3	`# $Id: alcasar-importcert.sh 2472 2017-12-29 23:49:24Z tom.houdayer $`	3	`# $Id: alcasar-importcert.sh 2488 2018-02-25 14:53:54Z lucas.echard $`
4	`#`	4	`#`
5	`# alcasar-importcert.sh`	5	`# alcasar-importcert.sh`
6	`# by Raphaël, Hugo, Clément, Bettyna & rexy`	6	`# by Raphaël, Hugo, Clément, Bettyna & rexy`
7	`#`	7	`#`
8	`# This script is distributed under the Gnu General Public License (GPL)`	8	`# This script is distributed under the Gnu General Public License (GPL)`
Line 38...	Line 38...
38	`mv -f $DIR_CERT/private/alcasar.key.old $DIR_CERT/private/alcasar.key`	38	`mv -f $DIR_CERT/private/alcasar.key.old $DIR_CERT/private/alcasar.key`
39	`if [ -f $DIR_CERT/certs/server-chain.crt.old ]`	39	`if [ -f $DIR_CERT/certs/server-chain.crt.old ]`
40	`then`	40	`then`
41	`mv $DIR_CERT/certs/server-chain.crt.old $DIR_CERT/certs/server-chain.crt`	41	`mv $DIR_CERT/certs/server-chain.crt.old $DIR_CERT/certs/server-chain.crt`
42	`fi`	42	`fi`
-		43	`cat $DIR_CERT/private/alcasar.key $DIR_CERT/certs/alcasar.crt > $DIR_CERT/private/alcasar.pem`
-		44	`chown root:apache $DIR_CERT/private/alcasar.pem`
-		45	`chmod 750 $DIR_CERT/private/alcasar.pem`
43	`}`	46	`}`
44		47
45	`function domainName() # change the domain name in the conf files`	48	`function domainName() # change the domain name in the conf files`
46	`{`	49	`{`
47	`fqdn=$(openssl x509 -noout -subject -in $cert \| sed -n '/^subject/s/^.*CN=//p' \| cut -d'/' -f 1)`	50	`fqdn=$(openssl x509 -noout -subject -in $cert \| sed -n '/^subject/s/^.*CN=//p' \| cut -d'/' -f 1)`
Line 78...	Line 81...
78	`mv $DIR_CERT/private/alcasar.key $DIR_CERT/private/alcasar.key.old`	81	`mv $DIR_CERT/private/alcasar.key $DIR_CERT/private/alcasar.key.old`
79	`fi`	82	`fi`
80		83
81	`cp $cert $DIR_CERT/certs/alcasar.crt`	84	`cp $cert $DIR_CERT/certs/alcasar.crt`
82	`cp $key $DIR_CERT/private/alcasar.key`	85	`cp $key $DIR_CERT/private/alcasar.key`
-		86	`cat $DIR_CERT/private/alcasar.key $DIR_CERT/certs/alcasar.crt > $DIR_CERT/private/alcasar.pem`
83		87
84	`chown root:apache $DIR_CERT/certs/alcasar.crt`	88	`chown root:apache $DIR_CERT/certs/alcasar.crt`
85	`chown root:apache $DIR_CERT/private/alcasar.key`	89	`chown root:apache $DIR_CERT/private/alcasar.key`
-		90	`chown root:apache $DIR_CERT/private/alcasar.pem`
86		91
87	`chmod 750 $DIR_CERT/certs/alcasar.crt`	92	`chmod 750 $DIR_CERT/certs/alcasar.crt`
88	`chmod 750 $DIR_CERT/private/alcasar.key`	93	`chmod 750 $DIR_CERT/private/alcasar.key`
-		94	`chmod 750 $DIR_CERT/private/alcasar.pem`
89		95
90	`if [ "$sc" != "" ]`	96	`if [ "$sc" != "" ]`
91	`then`	97	`then`
92	`echo "cert-chain exists"`	98	`echo "cert-chain exists"`
93	`if [ ! -f "$DIR_CERT/certs/server-chain.crt.old" ]`	99	`if [ ! -f "$DIR_CERT/certs/server-chain.crt.old" ]`
Line 162...	Line 168...
162	`fi`	168	`fi`
163	`echo "Importing certificate $cert with private key $key and server-chain $sc"`	169	`echo "Importing certificate $cert with private key $key and server-chain $sc"`
164	`fi`	170	`fi`
165	`domainName $cert`	171	`domainName $cert`
166	`certImport $cert $key $sc`	172	`certImport $cert $key $sc`
167	`for services in chilli dnsmasq dnsmasq-blackhole dnsmasq-blacklist dnsmasq-whitelist httpd`	173	`for services in chilli dnsmasq dnsmasq-blackhole dnsmasq-blacklist dnsmasq-whitelist lighttpd`
168	`do`	174	`do`
169	`echo "restarting $services"; systemctl restart $services; sleep 1`	175	`echo "restarting $services"; systemctl restart $services; sleep 1`
170	`done`	176	`done`
171	`;;`	177	`;;`
172	`-d)`	178	`-d)`
173	`if [ -f "/etc/pki/tls/certs/alcasar.crt.old" -a -f "/etc/pki/tls/private/alcasar.key.old" ]`	179	`if [ -f "/etc/pki/tls/certs/alcasar.crt.old" -a -f "/etc/pki/tls/private/alcasar.key.old" ]`
174	`then`	180	`then`
175	`echo "Restoring default certificate"`	181	`echo "Restoring default certificate"`
176	`defaultCert`	182	`defaultCert`
177	`defaultNdd`	183	`defaultNdd`
178	`for services in chilli dnsmasq dnsmasq-blackhole dnsmasq-blacklist dnsmasq-whitelist httpd`	184	`for services in chilli dnsmasq dnsmasq-blackhole dnsmasq-blacklist dnsmasq-whitelist lighttpd`
179	`do`	185	`do`
180	`echo "restarting $services"; systemctl restart $services; sleep 1`	186	`echo "restarting $services"; systemctl restart $services; sleep 1`
181	`done`	187	`done`
182	`fi`	188	`fi`
183	`;;`	189	`;;`

Subversion Repositories ALCASAR

(root)//scripts/alcasar-importcert.sh – Rev 2472 → 2488