Начало Каталог Помощ
Регистрация Вход
wangfan
/
adweb-ops-scripts
1
0
Разклонения 0
Файлове Задачи 0 Заявки за сливане 0 Уики
Клон: master
Клонове Маркери
adweb-ops-scrip...
/
general_site_ssl.sh

general_site_ssl.sh 2.4 KB
Постоянна връзка История Директен файл

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. #!/bin/bash
    2. 

  2. 

  3. SITE_CODE=$1
    4. 

  4. DOMAIN_NAME=$2
    5. 

  5. 

  6. # 解析域名
    7. 

  7. result=$(nslookup $DOMAIN_NAME | grep -Po 'Address: \K[\d.]+')
    8. 

  8. result_www=$(nslookup www.$DOMAIN_NAME | grep -Po 'Address: \K[\d.]+')
    9. 

  9. 

  10. # 判断解析结果是否为空
    11. 

  11. if [ ! -z "$result" ] && [ ! -z "$result_www" ]; then
    12. 

  12.   #生成SSL证书
    13. 

  13.   #生成位置 /root/.acme.sh/$DOMAIN_NAME
    14. 

  14.   /root/.acme.sh/acme.sh --issue -d $DOMAIN_NAME -d "www.$DOMAIN_NAME" --webroot /usr/local/wwwroot/$DOMAIN_NAME
    15. 

  15.   echo "result:"$result
    16. 

  16.   echo "result_www:"$result_www
    17. 

  17. elif [ ! -z "$result" ] && [ -z "$result_www" ]; then
    18. 

  18.   /root/.acme.sh/acme.sh --issue -d $DOMAIN_NAME  --webroot /usr/local/wwwroot/$DOMAIN_NAME
    19. 

  19.   echo "result":$result
    20. 

  20. elif [ -z "$result" ] && [ ! -z "$result_www" ]; then
    21. 

  21.   /root/.acme.sh/acme.sh --issue -d "www.$DOMAIN_NAME" --webroot /usr/local/wwwroot/$DOMAIN_NAME
    22. 

  22.   echo "result:"$result
    23. 

  23.   echo "result_www:"$result_www
    24. 

  24. else
    25. 

  25.   echo "Parsing failed"
    26. 

  26. fi
    27. 

  27. 

  28. 

  29. #等待30s,确保SSL证书目录生成
    30. 

  30. sleep 30
    31. 

  31. 

  32. if [ -d "/root/.acme.sh/$DOMAIN_NAME" ]; then
    33. 

  33. fullchain=$(cat /root/.acme.sh/$DOMAIN_NAME/fullchain.cer)
    34. 

  34. awk 'split_after==1{n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1} {print > "fullchain" n ".pem"}' < /root/.acme.sh/$DOMAIN_NAME/fullchain.cer
    35. 

  35. Certificate_body=$(cat fullchain.pem)
    36. 

  36. echo '[start cert.pem]'
    37. 

  37. echo $Certificate_body
    38. 

  38. echo '[end cert.pem]'
    39. 

  39. 

  40. Certificate_chain=$(cat fullchain1.pem)
    41. 

  41. Certificate_chain1=$(cat fullchain2.pem)
    42. 

  42. echo '[start chain.pem]'
    43. 

  43. echo ${Certificate_chain}" "${Certificate_chain1}
    44. 

  44. echo '[end chain.pem]'
    45. 

  45. 

  46. Certificate_private_key=$(cat /root/.acme.sh/$DOMAIN_NAME/*key)
    47. 

  47. echo '[start privkey.pem]'
    48. 

  48. echo $Certificate_private_key
    49. 

  49. echo '[end privkey.pem]'
    50. 

  50. 

  51. rm -rf *.pem
    52. 

  52. elif [ -d "/root/.acme.sh/${DOMAIN_NAME}_ecc" ]; then
    53. 

  53. fullchain=$(cat /root/.acme.sh/${DOMAIN_NAME}_ecc/fullchain.cer)
    54. 

  54. awk 'split_after==1{n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1} {print > "fullchain" n ".pem"}' < /root/.acme.sh/${DOMAIN_NAME}_ecc/fullchain.cer
    55. 

  55. Certificate_body=$(cat fullchain.pem)
    56. 

  56. echo '[start cert.pem]'
    57. 

  57. echo $Certificate_body
    58. 

  58. echo '[end cert.pem]'
    59. 

  59. 

  60. Certificate_chain=$(cat fullchain1.pem)
    61. 

  61. Certificate_chain1=$(cat fullchain2.pem)
    62. 

  62. echo '[start chain.pem]'
    63. 

  63. echo ${Certificate_chain}" "${Certificate_chain1}
    64. 

  64. echo '[end chain.pem]'
    65. 

  65. 

  66. Certificate_private_key=$(cat /root/.acme.sh/${DOMAIN_NAME}_ecc/*key)
    67. 

  67. echo '[start privkey.pem]'
    68. 

  68. echo $Certificate_private_key
    69. 

  69. echo '[end privkey.pem]'
    70. 

  70. rm -rf *.pem
    71. 

  71. else
    72. 

  72. echo "SSL Certificate not found"
    73. 

  73. fi
    74.