#!/bin/bash SITE_CODE=$1 DOMAIN_NAME=$2 # 解析域名 result=$(nslookup $DOMAIN_NAME | grep -Po 'Address: \K[\d.]+') result_www=$(nslookup www.$DOMAIN_NAME | grep -Po 'Address: \K[\d.]+') # 判断解析结果是否为空 if [ ! -z "$result" ] && [ ! -z "$result_www" ]; then #生成SSL证书 #生成位置 /root/.acme.sh/$DOMAIN_NAME /root/.acme.sh/acme.sh --issue -d $DOMAIN_NAME -d "www.$DOMAIN_NAME" --webroot /usr/local/wwwroot/$DOMAIN_NAME echo "result:"$result echo "result_www:"$result_www elif [ ! -z "$result" ] && [ -z "$result_www" ]; then /root/.acme.sh/acme.sh --issue -d $DOMAIN_NAME --webroot /usr/local/wwwroot/$DOMAIN_NAME echo "result":$result elif [ -z "$result" ] && [ ! -z "$result_www" ]; then /root/.acme.sh/acme.sh --issue -d "www.$DOMAIN_NAME" --webroot /usr/local/wwwroot/$DOMAIN_NAME echo "result:"$result echo "result_www:"$result_www else echo "Parsing failed" fi #等待30s,确保SSL证书目录生成 sleep 30 if [ -d "/root/.acme.sh/$DOMAIN_NAME" ]; then fullchain=$(cat /root/.acme.sh/$DOMAIN_NAME/fullchain.cer) awk 'split_after==1{n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1} {print > "fullchain" n ".pem"}' < /root/.acme.sh/$DOMAIN_NAME/fullchain.cer Certificate_body=$(cat fullchain.pem) echo '[start cert.pem]' echo $Certificate_body echo '[end cert.pem]' Certificate_chain=$(cat fullchain1.pem) Certificate_chain1=$(cat fullchain2.pem) echo '[start chain.pem]' echo ${Certificate_chain}" "${Certificate_chain1} echo '[end chain.pem]' Certificate_private_key=$(cat /root/.acme.sh/$DOMAIN_NAME/*key) echo '[start privkey.pem]' echo $Certificate_private_key echo '[end privkey.pem]' rm -rf *.pem elif [ -d "/root/.acme.sh/${DOMAIN_NAME}_ecc" ]; then fullchain=$(cat /root/.acme.sh/${DOMAIN_NAME}_ecc/fullchain.cer) awk 'split_after==1{n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1} {print > "fullchain" n ".pem"}' < /root/.acme.sh/${DOMAIN_NAME}_ecc/fullchain.cer Certificate_body=$(cat fullchain.pem) echo '[start cert.pem]' echo $Certificate_body echo '[end cert.pem]' Certificate_chain=$(cat fullchain1.pem) Certificate_chain1=$(cat fullchain2.pem) echo '[start chain.pem]' echo ${Certificate_chain}" "${Certificate_chain1} echo '[end chain.pem]' Certificate_private_key=$(cat /root/.acme.sh/${DOMAIN_NAME}_ecc/*key) echo '[start privkey.pem]' echo $Certificate_private_key echo '[end privkey.pem]' rm -rf *.pem else echo "SSL Certificate not found" fi