1 |
#!/bin/sh |
2 |
|
3 |
. /etc/dehydrated/config |
4 |
|
5 |
for DOM in $(find $BASEDIR/certs/ -mindepth 1 -maxdepth 1 -type d); do |
6 |
CUR_ID=$(readlink $DOM/cert.pem | perl -pe 's/cert-(\d+)\.pem/$1/') |
7 |
for ID in $(find $DOM/ -type f -name cert\*.csr -exec basename "{}" \; | perl -pe 's/cert-(\d+)\.csr/$1/'); do |
8 |
if [[ "$ID" != "$CUR_ID" ]]; then |
9 |
# Is the cert signed ? |
10 |
if /usr/bin/openssl x509 -in $DOM/cert-"$ID".pem -noout > /dev/null 2>&1; then |
11 |
/usr/bin/dehydrated -r $DOM/cert-"$ID".pem |
12 |
else |
13 |
# Cert not signed, probably a failed challenge |
14 |
rm -f $DOM/cert-"$ID".{pem,csr} |
15 |
fi |
16 |
fi |
17 |
done |
18 |
done |