docker
/
nginx-certbot
1
0
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity

properly concat all domains' certs

This commit is contained in:
Henri Dwyer 2016-09-21 20:55:28 -04:00
parent d49ac4b307
commit 50c94dc81f
1 changed files with 19 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
scripts/run_certbot.sh
View File

@ -10,27 +10,35 @@ else
http-01" http-01"
fi fi
if $DEBUG
then
args=$args" --debug"
fi
for d in $DOMAINS for d in $DOMAINS
do do
args=$args" -d $d" args=$args" -d $d"
done done
certbot --agree-tos --renew-by-default \ certbot certonly --agree-tos --renew-by-default \
--text --server https://acme-v01.api.letsencrypt.org/directory \ --text --server https://acme-v01.api.letsencrypt.org/directory \
--email $EMAIL certonly $args --email $EMAIL $args
ec=$? ec=$?
echo "certbot exit code $ec" echo "certbot exit code $ec"
if [ $ec -eq 0 ] if [ $ec -eq 0 ]
then then
if $CONCAT for d in $DOMAINS
then do
# concat the full chain with the private key (e.g. for haproxy) if $CONCAT
cat /etc/letsencrypt/live/$d/fullchain.pem /etc/letsencrypt/live/$d/privkey.pem > /certs/$d.pem then
else # concat the full chain with the private key (e.g. for haproxy)
# keep full chain and private key in separate files (e.g. for nginx and apache) cat /etc/letsencrypt/live/$d/fullchain.pem /etc/letsencrypt/live/$d/privkey.pem > /certs/$d.pem
cp /etc/letsencrypt/live/$d/fullchain.pem /certs/$d.pem else
cp /etc/letsencrypt/live/$d/privkey.pem /certs/$d.key # keep full chain and private key in separate files (e.g. for nginx and apache)
fi cp /etc/letsencrypt/live/$d/fullchain.pem /certs/$d.pem
cp /etc/letsencrypt/live/$d/privkey.pem /certs/$d.key
fi
done
echo "Success! Your new certificates are in /certs/" echo "Success! Your new certificates are in /certs/"
else else
echo "Cerbot failed. Check the logs for details." echo "Cerbot failed. Check the logs for details."