nicholas/showcase
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

commit renew.sh

Browse Source
This commit is contained in:
nicholas
2022-01-28 20:18:43 +00:00
parent 8f288ad109
commit b38a5b5832
1 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
automation/certificates/internal/manios.ca/renew.sh Normal file
View File

@@ -0,0 +1,30 @@
#!/bin/sh
# loop through the directories
for hostDir in */ ; do
echo "Entering ${hostDir}";
# get the current CAs
(cd "${hostDir}" && sscep getca -f renew.cnf);
# if there is a cert present, then we likely want to issue
if test -f "${hostDir}/prev/crt.pem"; then
echo "Renewing certificate in ${hostDir}";
# generate a new key and csr
(cd "${hostDir}" && ./gen.sh);
# make the cert issue request
(cd "${hostDir}" && sscep enroll -f renew.cnf);
# make a full chain cert file
(cd "${hostDir}" && cat crt.pem ca.pem-1 ca.pem-2 > fullchain.pem);
echo "Copying the current cert to the 'prev' directory for future renews";
# copy this cert +key into the prev folder
(cd "${hostDir}" && cp crt.pem prev/crt.pem && cp key.pem prev/key.pem);
else
echo "Previous cert doesn't exist in ${hostDir}prev/crt.pem, do you mean to issue?";
fi;
done;