From 03e82dac080d13d348a8479f8d73b145bb26e3d0 Mon Sep 17 00:00:00 2001
From: Thomas Lange
Date: Sat, 24 Dec 2016 09:28:33 +0100
Subject: Delete previously obtained certificates only if Certbot has successfully accomplished the challenge and new certificates exists.
---
 painless-le.sh | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/painless-le.sh b/painless-le.sh
index b729017..d88f74f 100755
--- a/painless-le.sh
+++ b/painless-le.sh
@@ -84,13 +84,6 @@ if [ $? != 0 ]; then
 exit 1
 fi
 
-#===============================================================================
-# Delete previous certificates from the install directory
-#===============================================================================
-[ -f "${INTERMEDIATE}" ] && rm "${INTERMEDIATE}"
-[ -f "${CERTIFICATE_ONLY}" ] && rm "${CERTIFICATE_ONLY}"
-[ -f "${CERTIFICATE_FULL}" ] && rm "${CERTIFICATE_FULL}"
-
 #===============================================================================
 # Execute defined command BEFORE the ACME challenge is started
 #===============================================================================
@@ -100,7 +93,22 @@ fi
 # Execute Let's Encrypt and accomplish the ACME challenge to get the certificate
 #===============================================================================
 certbot certonly --authenticator standalone --text --server "${LETSENCRYPT_ENDPOINT}" --csr "${REQUESTFILE}" \
---cert-path "${CERTIFICATE_ONLY}" --fullchain-path "${CERTIFICATE_FULL}" --chain-path "${INTERMEDIATE}"
+--cert-path "${CERTIFICATE_ONLY}.$$" --fullchain-path "${CERTIFICATE_FULL}.$$" --chain-path "${INTERMEDIATE}.$$"
+
+#===============================================================================
+# Checking if Certbot has successfully accomplished the ACME challenge
+#===============================================================================
+if [ $? != 0 ]; then
+ echo "$0: Certbot could not successfully accomplish the ACME challenge." >&2
+ exit 1
+fi
+
+#===============================================================================
+# Replace previous certificates with the new obtained certificate files
+#===============================================================================
+[ -f "${INTERMEDIATE}.$$" ] && mv "${INTERMEDIATE}.$$" "${INTERMEDIATE}"
+[ -f "${CERTIFICATE_ONLY}.$$" ] && mv "${CERTIFICATE_ONLY}.$$" "${CERTIFICATE_ONLY}"
+[ -f "${CERTIFICATE_FULL}.$$" ] && mv "${CERTIFICATE_FULL}.$$" "${CERTIFICATE_FULL}"
 
 #===============================================================================
 # Adjust the UNIX permissions with owner and group for the new created files
-- 
cgit v1.2.3
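Review bot: The three `[ -f … ] && mv …` lines at the end of this hunk skip silently when a `.$$` file is missing and never check the status of `mv`, so a run in which Certbot exits 0 but only some files are written, or a move fails, leaves a mix of old and new certificate, chain and full-chain files installed while the script carries on to the permission step. Checking that all three new files exist and are non-empty before moving any of them, and exiting non-zero on any failed move, keeps the installed set consistent. The new failure branch also exits without removing whatever `.$$` files Certbot left behind. If the BEFORE command shown in the context of the first hunk stops a service to free the port, that branch presumably also skips whatever would restart it; the rest of the script is outside this hunk, so that needs confirming there.

```shell
# … unchanged: certbot invocation and exit-status check …

# Refuse to install a partial set: every new file must exist and be non-empty.
for NEWCERT in "${INTERMEDIATE}" "${CERTIFICATE_ONLY}" "${CERTIFICATE_FULL}"; do
	if [ ! -s "${NEWCERT}.$$" ]; then
		echo "$0: Certbot did not write ${NEWCERT}.$$; keeping the previous certificates." >&2
		rm -f -- "${INTERMEDIATE}.$$" "${CERTIFICATE_ONLY}.$$" "${CERTIFICATE_FULL}.$$"
		exit 1
	fi
done

for NEWCERT in "${INTERMEDIATE}" "${CERTIFICATE_ONLY}" "${CERTIFICATE_FULL}"; do
	if ! mv -- "${NEWCERT}.$$" "${NEWCERT}"; then
		echo "$0: Could not install ${NEWCERT}." >&2
		exit 1
	fi
done
```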