1 |
unnilennium |
1.1 |
#!/bin/sh |
2 |
|
|
|
3 |
|
|
. /etc/dehydrated/config |
4 |
|
|
|
5 |
|
|
for DOM in $(find $BASEDIR/certs/ -mindepth 1 -maxdepth 1 -type d); do |
6 |
|
|
CUR_ID=$(readlink $DOM/cert.pem | perl -pe 's/cert-(\d+)\.pem/$1/') |
7 |
|
|
for ID in $(find $DOM/ -type f -name cert\*.csr -exec basename "{}" \; | perl -pe 's/cert-(\d+)\.csr/$1/'); do |
8 |
|
|
if [[ "$ID" != "$CUR_ID" ]]; then |
9 |
|
|
# Is the cert signed ? |
10 |
|
|
if /usr/bin/openssl x509 -in $DOM/cert-"$ID".pem -noout > /dev/null 2>&1; then |
11 |
|
|
/usr/bin/dehydrated -r $DOM/cert-"$ID".pem |
12 |
|
|
else |
13 |
|
|
# Cert not signed, probably a failed challenge |
14 |
|
|
rm -f $DOM/cert-"$ID".{pem,csr} |
15 |
|
|
fi |
16 |
|
|
fi |
17 |
|
|
done |
18 |
|
|
done |