aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2022-11-02Add "--server" and "--staging" optionsHEADmasterThomas Lange2-21/+30
Introduce a "--server" and "--staging" option to easily specify a custom ACME endpoint (or use of the staging server) which eliminates the hassle of manually editing the script for specifying a different ACME endpoint.
2022-11-01Process command-line options without getoptsThomas Lange1-11/+11
The "getopts" shell built-in works perfectly with short options but does not support long options, unfortunately. To be more flexible when adding new options, get rid of "getopts" and use a traditional loop instead.
2022-11-01Process arguments containing white space correctlyThomas Lange1-1/+1
Fix a bug where an argument containing white space is processed as two different arguments even if the argument was quoted correctly. Example: $ painless-le "target dir" example.org www.example.org > $1="target", $2="dir", $3="example.org" [...] To ensure that white space within arguments will be processed correctly, we must call "set" within "eval", and because of "eval" we need quoted arguments, so remove the "-u" („unquoted“) option from getopt.
2022-11-01Remove "LETSENCRYPT_COMMAND_(AFTER|BEFORE)" hooksThomas Lange2-20/+1
Instead of manually editing the script for defining commands that should be execute BEFORE and AFTER the ACME challenge, the users of this script better should execute those commands in their shell before and after running PainlessLE. There is no need for editing the script...
2022-11-01Rename "LETSENCRYPT_ENDPOINT" to "ACME_ENDPOINT"Thomas Lange2-4/+4
2022-11-01Don't use system-wide OpenSSL config anymoreThomas Lange1-3/+12
Use an inline assembled OpenSSL configuration instead of relying on the system-wide OpenSSL configuration (/etc/ssl/openssl.cnf) which location was specified by the hardcoded OPENSSLCONF variable inside the script. If the system-wide OpenSSL configuration file was not properly formatted or otherwise customized by the system administrator, it could've lead to conflicts with the CSR generation process in PainlessLE. The inline configuration now only consists of the neccessary parts which are relevant for generating the Certificate-Signing-Request. Tested on: - OpenSSL 1.1.1n @ Debian 11 (bullseye) - OpenSSL 1.1.1d @ openSUSE Leap 15.3
2022-11-01Use PEM format for temporary CSR fileThomas Lange1-1/+1
The Certificate-Signing-Request file which is passed to Certbot must be encoded either in PEM or DER format. Because PEM is the default, we can omit the unnecessary "-outform der" option of the openssl command.
2022-10-24Do some code cleanup/optimizing (including bugfix)Thomas Lange1-48/+49
Do some code cleanup and optimizing, and fix a bug where the script will always return exit code 1 if LETSENCRYPT_COMMAND_AFTER wasn't defined. The bug was caused by this last line in the script: [ ! -z "${LETSENCRYPT_COMMAND_AFTER}" ] \ && eval $LETSENCRYPT_COMMAND_AFTER ... and has been fixed by putting the "eval $LETSENCRYPT_COMMAND_AFTER" line into a real "if" container so that it doesn't affect the exit code of the script when LETSENCRYPT_COMMAND_AFTER is undefined: if [ ! -z "${LETSENCRYPT_COMMAND_AFTER}" ]; then eval $LETSENCRYPT_COMMAND_AFTER fi
2022-10-24Use positional args (change usage instructions)Thomas Lange2-37/+49
Use positional arguments for providing the target directory and the list of DNS hostnames to include within the certificate. Change the usage instructions accordingly and optimize some sentences in README file.
2022-10-24Normalize command-line arguments with GNU getoptThomas Lange1-1/+6
2022-10-23Optimize readme.mdThomas Lange1-10/+22
2022-10-23Update production ACME endpoint addressThomas Lange1-1/+1
2022-10-22Put script into package directoryThomas Lange2-2/+13
Put the script into the package directory which reflects the directory structure of /usr/local. This makes it easily possible to install the script to /usr/local/sbin with a tool like *GNU Stow*.
2022-10-22Update Let's Encrypt Staging Environment URLThomas Lange1-1/+1
2022-10-22Ensure that files ending with an LF characterThomas Lange3-3/+3
2021-03-11Make some more corrections to readme.mdThomas Lange1-6/+6
2021-03-11Make some corrections to readme.mdThomas Lange1-3/+3
2018-05-31Call "shift" after the getopts while loopThomas Lange1-1/+1
2018-05-20Remove wrong unicode character U+013A with U+006CThomas Lange1-1/+1
2018-05-20Remove the special emphasis of "RSA" because EC keys are working tooThomas Lange2-7/+7
2018-03-31Remove unnecessary command-line option "--text"Thomas Lange1-1/+1
This commit removes the unnecessary command-line option "--text" (see https://github.com/certbot/certbot/issues/4511#issuecomment-325507898).
2017-02-25Markdown formatting removed.Thomas Lange1-3/+3
2017-02-25Old license file removed.Thomas Lange1-9/+0
2017-02-25Typo in filename removed.Thomas Lange1-0/+9
2017-02-10Bugfix: Execute commands with "eval" to prevent problems with combined commands.Thomas Lange1-2/+2
2017-01-26Spelling mistake fixed.Thomas Lange1-1/+1
2017-01-03Use the full variable name $option instead of the abbreviation $opt.Thomas Lange1-2/+2
2016-12-24Delete previously obtained certificates only if Certbot has successfully ↵Thomas Lange1-8/+16
accomplished the challenge and new certificates exists.
2016-12-24Additional command-line options to customize the certificate target ↵Thomas Lange2-12/+28
filenames were added.
2016-12-23Delete Certificate-Signing-Request (CSR) file which was created by mktemp on ↵Thomas Lange1-0/+5
exit.
2016-12-23mktemp now creates the temporary CSR file by itself and with restricted UNIX ↵Thomas Lange1-1/+1
file permissions.
2016-12-22Comment section now contains the option name instead the internal variable name.Thomas Lange1-2/+2
2016-12-22Parsing command-line arguments with the getopts shell builtin.Thomas Lange2-9/+28
2016-12-21Comment section restructured and updated.Thomas Lange1-7/+6
2016-12-21Added an forgotten modifier to the sed pattern.Thomas Lange1-1/+1
2016-12-20ARGUMENT_HOSTNAMES must now contain only a colon separated string with the ↵Thomas Lange2-3/+3
hostnames.
2016-12-20Requirements section was added.Thomas Lange1-0/+3
2016-12-20Email address is only needed when creating an account on the ACME server.Thomas Lange2-5/+4
2016-12-19Added OPENSSLCONF variable which contains the path to the openssl.cnf file.Thomas Lange1-1/+2
2016-12-19Initial commitThomas Lange3-0/+122