diff options
author | Simon Rettberg | 2014-11-18 19:26:40 +0100 |
---|---|---|
committer | Simon Rettberg | 2014-11-18 19:26:40 +0100 |
commit | d4ccf048ac965360c4d8cda1541cc924eee72570 (patch) | |
tree | 7bf153a9cb9b67dda7ea42b4a5552f21ea8071bb /scripts/install-https | |
parent | Many improvements and additions: (diff) | |
download | tmlite-bwlp-d4ccf048ac965360c4d8cda1541cc924eee72570.tar.gz tmlite-bwlp-d4ccf048ac965360c4d8cda1541cc924eee72570.tar.xz tmlite-bwlp-d4ccf048ac965360c4d8cda1541cc924eee72570.zip |
[LighttpdHttps] Allow importing a certificate chain
Diffstat (limited to 'scripts/install-https')
-rwxr-xr-x | scripts/install-https | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/scripts/install-https b/scripts/install-https index 84a6184..bb17abc 100755 --- a/scripts/install-https +++ b/scripts/install-https @@ -1,11 +1,13 @@ #!/bin/bash -CERT="/etc/lighttpd/server.pem" +CERTFILE="/etc/lighttpd/server.pem" +CHAINFILE="/etc/lighttpd/chain.pem" op_disable () { - [ -e "$CERT" ] || exit 0 - rm -f -- "$CERT" || exit 1 + [ -e "$CERTFILE" ] || exit 0 + rm -f -- "$CERTFILE" || exit 1 + rm -f -- "$CHAINFILE" } op_test () @@ -31,21 +33,28 @@ op_test () op_import () { - [ $# -eq 2 ] || exit 1 + [ $# -lt 2 ] || exit 1 local K=$1 local C=$2 + local CHAIN=$3 [ -r "$K" ] || exit 2 [ -r "$C" ] || exit 3 + rm -f -- "$CHAINFILE" # Create server.pem - cat "$C" "$K" > "$CERT" - chmod 0600 "$CERT" || exit 4 + cat "$C" "$K" > "$CERTFILE" + chmod 0600 "$CERTFILE" || exit 4 rm -f -- "$C" "$K" + # If we have a chainfile, try to use it aswell + if [ -s "$CHAIN" ]; then + openssl x509 -noout -hash -in "$CHAIN" >/dev/null 2>&1 && cp "$CHAIN" "$CHAINFILE" + fi } op_random () { [ -z "$1" ] && exit 1 - openssl req -x509 -new -newkey rsa:4096 -keyout "$CERT" -out "$CERT" -days 5000 -nodes -subj "/C=DE/ST=Nowhere/L=Springfield/O=bwLehrpool/CN=$1" || exit 2 + rm -f -- "$CHAINFILE" + openssl req -x509 -new -newkey rsa:4096 -keyout "$CERTFILE" -out "$CERTFILE" -days 5000 -nodes -subj "/C=DE/ST=Nowhere/L=Springfield/O=bwLehrpool/CN=$1" || exit 2 } OP=$1 |