LetsEncrypt helper

letsencrypt.sh

#!/usr/bin/env bash
# root@libcrack.so
# Fri Jan 27 03:46:04 CET 2017

error(){ printf "\e[0;31m${*}\e[0m\n"; }
success(){ printf "\e[0;32m${*}\e[0m\n"; }

if [ -z "$1" ]; then
    error "Usage: $0 host.domain.com"
    exit 1
fi

CN="$1"
CSR="/etc/ssl/acme/${CN}.csr"
CRT="/etc/ssl/acme/${CN}.crt"
KEY="/etc/ssl/acme/private/${CN}.key"

ACCT_KEY="/etc/ssl/acme/private/letsencrypt.key"

APACHE_DOCROOT="/var/apache2/htdocs"
ACME_HOME="$APACHE_DOCROOT/.well-known/acme-challenge/"


if [ ! -d "$APACHE_DOCROOT" ]; then
    error "Cannot find directory $APACHE_DOCROOT"
    exit 1
fi

if [ ! -d "$ACME_HOME" ]; then
    error "Cannot find directory $ACME_HOME"
    exit 2
fi

if [ ! -f "$ACCT_KEY" ]; then
    error "LetsEncrypt key not found: $ACCT_KEY"
    exit 3
fi

if [ ! -f "$KEY" ]; then
  echo "[*] Creating KEY $KEY"
    openssl genrsa 4096 > "$KEY"
else
    error "File already exists $KEY"
    exit 4
fi

if [ ! -f "$CSR" ]; then
    echo "[*] Creating CSR $CSR"
    openssl req -new -sha256 -key "$KEY" -subj "/CN=$CN" > "$CSR"
else
    error "File already exists $CSR"
    exit 5
fi

if [ ! -f "$CRT" ]; then
    echo "[*] Registering CN $CN"
    acme-tiny --account-key "$ACCT_KEY" --csr "$CSR" --acme-dir "$ACME_ROOTDIR" > "$CRT"
    exit $?
else
    error "File already exists $CRT"
    exit 6
fi

#EOF