forked from Qortal/qortal
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
47 lines
1.1 KiB
47 lines
1.1 KiB
#!/usr/bin/env bash |
|
|
|
set -e |
|
|
|
# Assumes Let's Encrypt |
|
|
|
if [ $# -ne 1 -a $# -ne 3 ]; then |
|
echo "usage: ${0%%*/} <domain> [<keystore> <password>]" |
|
exit 2 |
|
fi |
|
|
|
domain=$1 |
|
keystore=${2:-core-api.keystore} |
|
pass=${3:-kspassword} |
|
|
|
LEdirs=(/usr/local/etc /etc /opt .) |
|
for LEdir in "${LEdirs[@]}"; do |
|
srcdir="${LEdir}/letsencrypt/live/${domain}" |
|
if [ -d "$srcdir" ]; then |
|
echo "Using certs & keys from ${srcdir}" |
|
break; |
|
fi |
|
unset srcdir |
|
done |
|
|
|
if [ -z "${srcdir}" ]; then |
|
echo "Can't find Let's Encrypt folder for ${domain}" |
|
exit |
|
fi |
|
|
|
# key & cert |
|
rm -f "${domain}.p12" |
|
openssl pkcs12 \ |
|
-inkey "${srcdir}/privkey.pem" -in "${srcdir}/fullchain.pem" \ |
|
-export -out "${domain}.p12" -passout pass:"${pass}" \ |
|
-name "${domain}" |
|
|
|
rm -f "${keystore}" |
|
keytool -importkeystore -noprompt \ |
|
-srckeystore "${domain}.p12" -srcstoretype PKCS12 -srcstorepass "${pass}" \ |
|
-destkeystore "${keystore}" -deststorepass "${pass}" -destkeypass "${pass}" \ |
|
-alias "${domain}" |
|
|
|
printf "Built keystore: ${keystore}, with password: ${pass}\nFor settings.json:\n" |
|
|
|
printf "\tsslKeystorePathname: \"%s\",\n" "${keystore}" |
|
printf "\tsslKeystorePassword: \"%s\",\n" "${pass}"
|
|
|