authorThomas Lange <code@nerdmind.de>2016-12-24 09:28:33 +0100
committerThomas Lange <code@nerdmind.de>2016-12-24 09:28:33 +0100
commit03e82dac080d13d348a8479f8d73b145bb26e3d0 (patch)
tree49b4d7949379e8af1ec62d9df9b649406ae96691
parent1830626b92d860012a56641b7a6c6f525a4ebdd7 (diff)
Delete previously obtained certificates only if Certbot has successfully accomplished the challenge and new certificates exist.
-rwxr-xr-xpainless-le.sh24
1 files changed, 16 insertions, 8 deletions
diff --git a/painless-le.sh b/painless-le.sh
index b729017..d88f74f 100755
--- a/painless-le.sh
+++ b/painless-le.sh
@@ -85,13 +85,6 @@ if [ $? != 0 ]; then
fi
#===============================================================================
-# Delete previous certificates from the install directory
-#===============================================================================
-[ -f "${INTERMEDIATE}" ] && rm "${INTERMEDIATE}"
-[ -f "${CERTIFICATE_ONLY}" ] && rm "${CERTIFICATE_ONLY}"
-[ -f "${CERTIFICATE_FULL}" ] && rm "${CERTIFICATE_FULL}"
-
-#===============================================================================
# Execute defined command BEFORE the ACME challenge is started
#===============================================================================
[ ! -z "${LETSENCRYPT_COMMAND_BEFORE}" ] && $($LETSENCRYPT_COMMAND_BEFORE)
@@ -100,7 +93,22 @@ fi
# Execute Let's Encrypt and accomplish the ACME challenge to get the certificate
#===============================================================================
certbot certonly --authenticator standalone --text --server "${LETSENCRYPT_ENDPOINT}" --csr "${REQUESTFILE}" \
---cert-path "${CERTIFICATE_ONLY}" --fullchain-path "${CERTIFICATE_FULL}" --chain-path "${INTERMEDIATE}"
+--cert-path "${CERTIFICATE_ONLY}.$$" --fullchain-path "${CERTIFICATE_FULL}.$$" --chain-path "${INTERMEDIATE}.$$"
+
+#===============================================================================
+# Checking if Certbot has successfully accomplished the ACME challenge
+#===============================================================================
+if [ $? != 0 ]; then
+ echo "$0: Certbot could not successfully accomplish the ACME challenge." >&2
+ exit 1
+fi
+
+#===============================================================================
+# Replace previous certificates with the new obtained certificate files
+#===============================================================================
+[ -f "${INTERMEDIATE}.$$" ] && mv "${INTERMEDIATE}.$$" "${INTERMEDIATE}"
+[ -f "${CERTIFICATE_ONLY}.$$" ] && mv "${CERTIFICATE_ONLY}.$$" "${CERTIFICATE_ONLY}"
+[ -f "${CERTIFICATE_FULL}.$$" ] && mv "${CERTIFICATE_FULL}.$$" "${CERTIFICATE_FULL}"
#===============================================================================
# Adjust the UNIX permissions with owner and group for the new created files
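Review bot: The three `[ -f … ] && mv …` lines at the end of the added block silently skip a missing file and never check the result of `mv`, so the script can reach the permissions step with a new certificate beside an old chain or full-chain file and still report success. Because certbot's exit status has already been checked, a missing `.$$` file at that point is an error and should stop the run before anything is moved. I would first verify that all three temporary files exist and are non-empty, then move them and fail loudly if any `mv` fails, as sketched below. The early `exit 1` also leaves any `.$$` files certbot did write in the install directory, so removing them on that path would stop stale partial output from accumulating.

```shell
# … unchanged: certbot call writing to the ".$$" paths and the exit-status check …

for FILE in "${INTERMEDIATE}" "${CERTIFICATE_ONLY}" "${CERTIFICATE_FULL}"; do
	if [ ! -s "${FILE}.$$" ]; then
		echo "$0: Certbot did not write ${FILE}.$$; keeping the previous certificates." >&2
		exit 1
	fi
done

if ! mv "${INTERMEDIATE}.$$" "${INTERMEDIATE}" ||
   ! mv "${CERTIFICATE_ONLY}.$$" "${CERTIFICATE_ONLY}" ||
   ! mv "${CERTIFICATE_FULL}.$$" "${CERTIFICATE_FULL}"; then
	echo "$0: Could not install the new certificate files." >&2
	exit 1
fi
```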