Created
January 6, 2019 00:49
Script for generating and registering ssl certs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
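#!/usr/bin/env bash
# sslsetup.sh
#
# Generates and registers SSL certificates for a domain on a shared hosting
# account, using Crypt::LE's le.pl client with challenge files placed under
# the web root.
#
# Upload to your server and run it over ssh. For renewals, schedule a cron
# job at an interval shorter than the lifetime of the issued certificate
# (the original note said "every 90 days", which leaves no margin if the
# certificate itself is valid for 90 days). The confirmation prompt reads
# from stdin, so an unattended run has to supply the answer there; on end of
# input the script aborts instead of looping forever.
#
# bash is required: the script uses `source` and `read -p`.
#
# Prerequisites: openssh, openssl, perl, gcc, curl
# Usage: sslsetup <domainname>   or:   sslsetup

# Make a failed download in `curl | perl` visible as a pipeline failure.
set -o pipefail

# Print a message to stderr and stop with a non-zero status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Ask a yes/no question ($1 is the prompt). Returns on yes, exits the script
# on no, and aborts when stdin is closed so a run without a terminal cannot
# spin on an unanswered prompt.
confirm() {
  local answer
  while true; do
    read -r -p "$1" answer || die 'No answer available on stdin; aborting.'
    case "$answer" in
      [Yy]*) return 0 ;;
      [Nn]*) exit 0 ;;
      *) echo "Please answer yes or no." ;;
    esac
  done
}

# --- Initial setup (if not set up already) ---------------------------------

mkdir -p -- "$HOME/bin" || die "cannot create $HOME/bin"

if [[ ! -d "$HOME/.cpan" ]]; then
  echo 'Configuring cpan'
  echo y | cpan >/dev/null 2>&1
fi

# Line that loads local::lib in login shells; appended once to .bash_profile.
CMMD='eval "$(perl -I$HOME/perl5/lib/perl5 -Mlocal::lib)"'
if ! grep -qF -- "$CMMD" "$HOME/.bash_profile" 2>/dev/null; then
  echo 'Updating .bash_profile'
  printf '%s\n' "$CMMD" >>"$HOME/.bash_profile"
fi
# shellcheck source=/dev/null
source "$HOME/.bash_profile"

if [[ ! -f "$HOME/perl5/bin/le.pl" ]]; then
  echo "Installing crypt::LE"
  cpan -i Crypt::LE
  [[ -f "$HOME/perl5/bin/le.pl" ]] \
    || die 'Crypt::LE install did not produce ~/perl5/bin/le.pl'
  if [[ ! -e "$HOME/bin/le" && ! -L "$HOME/bin/le" ]]; then
    ln -s "$HOME/perl5/bin/le.pl" "$HOME/bin/le"
  fi
fi

if [[ ! -f "$HOME/perl5/bin/cpanm" ]]; then
  echo 'Installing cpanminus'
  # Fetched over HTTPS (the plain-HTTP URL let anyone on the network path
  # swap the installer); -f keeps an HTTP error page from reaching perl.
  # NOTE(review): this still executes downloaded code with no integrity
  # check; installing App::cpanminus through cpan or a pinned, verified copy
  # would be safer. cpanm is not used later in this script, so a failure here
  # is reported but not fatal.
  if curl -fsSL https://cpanmin.us | perl - App::cpanminus; then
    if [[ ! -e "$HOME/bin/cpanm" && ! -L "$HOME/bin/cpanm" ]]; then
      ln -s "$HOME/perl5/bin/cpanm" "$HOME/bin/cpanm"
    fi
  else
    echo 'warning: cpanminus install failed' >&2
  fi
fi

# --- Domain selection -------------------------------------------------------

DOMAIN=${1:-}
WWWROOT="$HOME/public_html"
KEYSTOREFOLDER="$HOME/ssl"

echo "Generate and register SSL certs for your domain."

if [[ -n "$DOMAIN" ]]; then
  PROMPT="Do you wish to generate and register ssl certs for $DOMAIN? [Y]"
else
  read -r -p "Please enter your domain name : " DOMAIN \
    || die 'No domain name available on stdin; aborting.'
  PROMPT="you have entered $DOMAIN. Is this correct?"
fi

# The domain ends up in file names and in the --domains list, so accept only
# dot-separated hostname labels: no slashes (path traversal), no commas
# (extra names smuggled into the request), no leading '-' (option injection).
DOMAIN_RE='^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)+$'
[[ "$DOMAIN" =~ $DOMAIN_RE ]] || die "Not a valid domain name: $DOMAIN"

confirm "$PROMPT"

# First label of the domain; used as the base name of the key/CSR/cert files.
HOST=${DOMAIN%%.*}

# --- Keys and certificate request -------------------------------------------

CHALLENGE_DIR="$WWWROOT/.well-known/acme-challenge"
# Created with the default umask: the web server has to read challenge files.
mkdir -p -- "$CHALLENGE_DIR" || die "cannot create $CHALLENGE_DIR"

# The key store holds private keys, so it is created owner-only.
if [[ ! -d "$KEYSTOREFOLDER" ]]; then
  mkdir -m 700 -- "$KEYSTOREFOLDER" || die "cannot create $KEYSTOREFOLDER"
fi

ACCOUNT_KEY="$KEYSTOREFOLDER/account.key"
SITE_KEY="$KEYSTOREFOLDER/$HOST.key"

# Keys are written into the key store (the original checked for them there
# but generated them in the current directory). The umask is tightened only
# inside the subshell so challenge files stay readable by the web server.
if [[ ! -f "$ACCOUNT_KEY" ]]; then
  echo 'Generating account key'
  (umask 077 && openssl genrsa -out "$ACCOUNT_KEY" 4096) \
    || die 'account key generation failed'
fi
if [[ ! -f "$SITE_KEY" ]]; then
  echo 'Generating site key'
  (umask 077 && openssl genrsa -out "$SITE_KEY" 2048) \
    || die 'site key generation failed'
fi

# Prefer whatever `le` the PATH provides, else the symlink created above.
LE_BIN=$(command -v le) || LE_BIN="$HOME/bin/le"
[[ -x "$LE_BIN" ]] || die 'le client not found (expected on PATH or at ~/bin/le)'

le_args=(
  --key "$ACCOUNT_KEY"
  --csr "$KEYSTOREFOLDER/$HOST.csr"
  --csr-key "$SITE_KEY"
  --crt "$KEYSTOREFOLDER/$HOST.crt"
  --domains "www.$DOMAIN,$DOMAIN"
  --path "$CHALLENGE_DIR/"
  --generate-missing
  --unlink
  --live
)
"$LE_BIN" "${le_args[@]}" || die 'Certificate request failed'

echo 'Finished'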