Commit bfeb21ad authored by Lukas Schauer's avatar Lukas Schauer

Merge pull request #157 from lschuermann/master

Add hook for unchanged certificates.
parents b9ce2c43 dd33de59
...@@ -52,4 +52,24 @@ function deploy_cert { ...@@ -52,4 +52,24 @@ function deploy_cert {
# The path of the file containing the intermediate certificate(s). # The path of the file containing the intermediate certificate(s).
} }
function unchanged_cert {
local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}"
# This hook is called once for each certificate that is still
# valid and therefore wasn't reissued.
#
# Parameters:
# - DOMAIN
# The primary domain name, i.e. the certificate common
# name (CN).
# - KEYFILE
# The path of the file containing the private key.
# - CERTFILE
# The path of the file containing the signed certificate.
# - FULLCHAINFILE
# The path of the file containing the full certificate chain.
# - CHAINFILE
# The path of the file containing the intermediate certificate(s).
}
HANDLER=$1; shift; $HANDLER $@ HANDLER=$1; shift; $HANDLER $@
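Review bot: The dispatcher on the last line of this hunk, `HANDLER=$1; shift; $HANDLER $@`, expands the handler name and its arguments unquoted, so the five paths passed to the new `unchanged_cert` are re-split on whitespace and glob-expanded before the function sees them. A base directory containing a space would shift KEYFILE, CERTFILE and the rest onto the wrong values. The line also runs whatever command the first argument names, not only the functions defined in this file. I would change it to `HANDLER="${1}"; shift; "${HANDLER}" "$@"` and guard it with a `case` on the handler names this file defines, so an unknown name is ignored rather than executed. The line is unchanged context in this commit, but the new hook is routed through it.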
...@@ -595,7 +595,9 @@ command_sign_domains() { ...@@ -595,7 +595,9 @@ command_sign_domains() {
if [[ "${force_renew}" = "yes" ]]; then if [[ "${force_renew}" = "yes" ]]; then
echo "Ignoring because renew was forced!" echo "Ignoring because renew was forced!"
else else
echo "Skipping!" # Certificate-Names unchanged and cert is still valid
echo "Skipping renew!"
[[ -n "${HOOK}" ]] && "${HOOK}" "unchanged_cert" "${domain}" "${BASEDIR}/certs/${domain}/privkey.pem" "${BASEDIR}/certs/${domain}/cert.pem" "${BASEDIR}/certs/${domain}/fullchain.pem" "${BASEDIR}/certs/${domain}/chain.pem"
continue continue
fi fi
else else
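Review bot: The new `[[ -n "${HOOK}" ]] && "${HOOK}" "unchanged_cert" …` call passes a handler name that hook scripts written before this commit do not define. A script that dispatches on its first argument the way the example hook does would try to run `unchanged_cert` as a command and return non-zero. If the main script runs under `set -e` (not visible in this hunk), that would abort the run at the first still-valid certificate and leave later domains unrenewed. Either document that hooks must accept unknown handler names, or decide explicitly what a failing hook means here, for example by appending `|| echo "unchanged_cert hook failed for ${domain}" >&2` to the call. command_sign_domains starts and ends outside the hunk.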
......
...@@ -153,7 +153,7 @@ _TEST "Run in cron mode again, this time with domain in domains.txt, should find ...@@ -153,7 +153,7 @@ _TEST "Run in cron mode again, this time with domain in domains.txt, should find
echo "${TMP_URL} ${TMP2_URL} ${TMP3_URL}" >> domains.txt echo "${TMP_URL} ${TMP2_URL} ${TMP3_URL}" >> domains.txt
./letsencrypt.sh --cron > tmplog 2> errorlog || _FAIL "Script execution failed" ./letsencrypt.sh --cron > tmplog 2> errorlog || _FAIL "Script execution failed"
_CHECK_LOG "Checking domain name(s) of existing cert... unchanged." _CHECK_LOG "Checking domain name(s) of existing cert... unchanged."
_CHECK_LOG "Skipping!" _CHECK_LOG "Skipping renew"
_CHECK_ERRORLOG _CHECK_ERRORLOG
# Run in cron mode one last time, with domain in domains.txt and force-resign (should find certificate, resign anyway, and not generate private key) # Run in cron mode one last time, with domain in domains.txt and force-resign (should find certificate, resign anyway, and not generate private key)
......