author | Thomas Lange <code@nerdmind.de> | 2016-12-24 09:28:33 +0100 |
---|---|---|
committer | Thomas Lange <code@nerdmind.de> | 2016-12-24 09:28:33 +0100 |
commit | 03e82dac080d13d348a8479f8d73b145bb26e3d0 (patch) | |
tree | 49b4d7949379e8af1ec62d9df9b649406ae96691 | |
parent | 1830626b92d860012a56641b7a6c6f525a4ebdd7 (diff) | |
Delete previously obtained certificates only if Certbot has successfully accomplished the challenge and new certificates exist.
-rwxr-xr-x | painless-le.sh | 24 |
1 files changed, 16 insertions, 8 deletions
diff --git a/painless-le.sh b/painless-le.sh
index b729017..d88f74f 100755
--- a/painless-le.sh
+++ b/painless-le.sh
@@ -85,13 +85,6 @@ if [ $? != 0 ]; then
 fi
 
 #===============================================================================
-# Delete previous certificates from the install directory
-#===============================================================================
-[ -f "${INTERMEDIATE}" ] && rm "${INTERMEDIATE}"
-[ -f "${CERTIFICATE_ONLY}" ] && rm "${CERTIFICATE_ONLY}"
-[ -f "${CERTIFICATE_FULL}" ] && rm "${CERTIFICATE_FULL}"
-
-#===============================================================================
 # Execute defined command BEFORE the ACME challenge is started
 #===============================================================================
 [ ! -z "${LETSENCRYPT_COMMAND_BEFORE}" ] && $($LETSENCRYPT_COMMAND_BEFORE)
@@ -100,7 +93,22 @@ fi
 # Execute Let's Encrypt and accomplish the ACME challenge to get the certificate
 #===============================================================================
 certbot certonly --authenticator standalone --text --server "${LETSENCRYPT_ENDPOINT}" --csr "${REQUESTFILE}" \
---cert-path "${CERTIFICATE_ONLY}" --fullchain-path "${CERTIFICATE_FULL}" --chain-path "${INTERMEDIATE}"
+--cert-path "${CERTIFICATE_ONLY}.$$" --fullchain-path "${CERTIFICATE_FULL}.$$" --chain-path "${INTERMEDIATE}.$$"
+
+#===============================================================================
+# Checking if Certbot has successfully accomplished the ACME challenge
+#===============================================================================
+if [ $? != 0 ]; then
+ echo "$0: Certbot could not successfully accomplish the ACME challenge." >&2
+ exit 1
+fi
+
+#===============================================================================
+# Replace previous certificates with the new obtained certificate files
+#===============================================================================
+[ -f "${INTERMEDIATE}.$$" ] && mv "${INTERMEDIATE}.$$" "${INTERMEDIATE}"
+[ -f "${CERTIFICATE_ONLY}.$$" ] && mv "${CERTIFICATE_ONLY}.$$" "${CERTIFICATE_ONLY}"
+[ -f "${CERTIFICATE_FULL}.$$" ] && mv "${CERTIFICATE_FULL}.$$" "${CERTIFICATE_FULL}"
 
 #===============================================================================
 # Adjust the UNIX permissions with owner and group for the new created files |
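Review bot: The three `[ -f "….$$" ] && mv …` lines in the replace step silently skip a missing file and ignore a failed `mv`, so the script can carry on to the permissions step with a new certificate installed next to an old chain, or with nothing replaced at all. Check that all three `.$$` files exist and are non-empty before moving any of them, and stop on the first `mv` that fails, as sketched below. The new `exit 1` after a Certbot failure also leaves any partially written `.$$` files in the install directory; an `EXIT` trap that removes them would cover that. If the script runs an AFTER hook further down (not visible in this hunk), that early exit presumably skips it as well, which is worth confirming because the BEFORE hook has already run at that point.

```shell
# … unchanged: certbot invocation and exit-status check …

# Refuse to install a partial set: every new file must exist and be non-empty.
for FILE in "${INTERMEDIATE}" "${CERTIFICATE_ONLY}" "${CERTIFICATE_FULL}"; do
    if [ ! -s "${FILE}.$$" ]; then
        echo "$0: Certbot did not write ${FILE}.$$; keeping the previous certificates." >&2
        rm -f -- "${INTERMEDIATE}.$$" "${CERTIFICATE_ONLY}.$$" "${CERTIFICATE_FULL}.$$"
        exit 1
    fi
done

for FILE in "${INTERMEDIATE}" "${CERTIFICATE_ONLY}" "${CERTIFICATE_FULL}"; do
    if ! mv -- "${FILE}.$$" "${FILE}"; then
        echo "$0: Could not replace ${FILE} with the new file." >&2
        exit 1
    fi
done
```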