Split certificate and key into separate PEM files
This commit is contained in:
parent
e526c98d37
commit
7c2a31e495
1 changed files with 12 additions and 8 deletions
20
certman.sh
20
certman.sh
|
|
@ -87,7 +87,8 @@ download_and_verify_cert() {
|
|||
local key_api_key=$3
|
||||
local temp_cert="$TEMP_DIR/$domain.crt"
|
||||
local temp_key="$TEMP_DIR/$domain.key"
|
||||
local temp_fullchain="$TEMP_DIR/$domain.pem"
|
||||
local temp_cert_pem="$TEMP_DIR/$domain.cert.pem"
|
||||
local temp_key_pem="$TEMP_DIR/$domain.key.pem"
|
||||
|
||||
echo -e "${BLUE}Processing certificate for $domain${NC}"
|
||||
|
||||
|
|
@ -111,9 +112,10 @@ download_and_verify_cert() {
|
|||
return 1
|
||||
fi
|
||||
|
||||
# Create fullchain PEM if requested
|
||||
# Create PEM files if requested
|
||||
if [ "$FULLCHAIN_PEM" = "true" ]; then
|
||||
cat "$temp_cert" "$temp_key" > "$temp_fullchain"
|
||||
cat "$temp_cert" > "$temp_cert_pem"
|
||||
cat "$temp_key" > "$temp_key_pem"
|
||||
fi
|
||||
|
||||
# Validate certificate and key match
|
||||
|
|
@ -137,10 +139,12 @@ install_certificate() {
|
|||
local domain=$1
|
||||
local final_cert="$CERT_PATH/$domain.crt"
|
||||
local final_key="$KEY_PATH/$domain.key"
|
||||
local final_fullchain="$CERT_PATH/$domain.pem"
|
||||
local final_cert_pem="$CERT_PATH/$domain.cert.pem"
|
||||
local final_key_pem="$KEY_PATH/$domain.key.pem"
|
||||
local temp_cert="$TEMP_DIR/$domain.crt"
|
||||
local temp_key="$TEMP_DIR/$domain.key"
|
||||
local temp_fullchain="$TEMP_DIR/$domain.pem"
|
||||
local temp_cert_pem="$TEMP_DIR/$domain.cert.pem"
|
||||
local temp_key_pem="$TEMP_DIR/$domain.key.pem"
|
||||
local needs_reload=0
|
||||
|
||||
# Check if certificate needs updating
|
||||
|
|
@ -162,15 +166,15 @@ install_certificate() {
|
|||
fi
|
||||
|
||||
if [ "$FULLCHAIN_PEM" = "true" ]; then
|
||||
if ! cp -f "$temp_fullchain" "$final_fullchain"; then
|
||||
echo -e "${RED}Failed to install fullchain PEM for $domain${NC}"
|
||||
if ! cp -f "$temp_cert_pem" "$final_cert_pem" || ! cp -f "$temp_key_pem" "$final_key_pem"; then
|
||||
echo -e "${RED}Failed to install PEM files for $domain${NC}"
|
||||
return 1
|
||||
fi
|
||||
fi
|
||||
|
||||
# Set permissions and ownership
|
||||
local files=("$final_cert" "$final_key")
|
||||
[ "$FULLCHAIN_PEM" = "true" ] && files+=("$final_fullchain")
|
||||
[ "$FULLCHAIN_PEM" = "true" ] && files+=("$final_cert_pem" "$final_key_pem")
|
||||
|
||||
for file in "${files[@]}"; do
|
||||
if ! chown "$CERT_OWNER:$CERT_GROUP" "$file" || \
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue