SSLR1Soft.sh 1.74 KB
#!/bin/bash
# Usage: run this script with one argument, the e-mail address to which the Let's Encrypt certificate notifications will be sent.
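# Install git only when the "git" package itself is missing. Querying the exact
# package avoids the false positive of grepping the whole package list for
# "git-", which also matches unrelated packages whose name contains that text.
if ! rpm -q git >/dev/null 2>&1
then
        yum -y install git || exit 1
fi

# The existence check below and the keystore paths later in the script are
# rooted in /root, while the clone target and the later ./letsencrypt call are
# relative. Work from /root so both refer to the same checkout.
cd /root || exit 1

# NOTE(review): the clone is unpinned (tip of the default branch) and the
# checkout is executed as root in the next step; pin it to a reviewed tag or
# commit. letsencrypt-auto has also been deprecated upstream in favour of
# packaged certbot - verify before relying on it.
if [ ! -d "/root/letsencrypt/" ]; then
        git clone https://github.com/letsencrypt/letsencrypt || exit 1
fi

# Stops all packet filtering so the standalone authenticator can accept the
# validation connection. The host stays unfiltered until the matching
# "service iptables start" later in the script; a rule that opens only the
# validation port would be a narrower alternative.
service iptables stop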
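# Request the certificate with the standalone authenticator. $1 is the
# notification e-mail address. The firewall has been stopped by this point, so
# every abort path below re-enables it before exiting. Aborting here also keeps
# the later steps from rebuilding and replacing the server keystore when no
# certificate was issued.
if [ -z "${1:-}" ]; then
        echo "usage: $0 <notification-email>" >&2
        service iptables start
        exit 1
fi

if ! ./letsencrypt/letsencrypt-auto certonly --standalone --agree-tos -d "$(hostname)" --rsa-key-size 4096 --email "$1"; then
        echo "letsencrypt-auto failed; firewall restored, aborting" >&2
        service iptables start
        exit 1
fi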
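# Re-enable packet filtering as soon as issuance is over.
service iptables start

# Convert the issued key and chain to DER for the ImportKey helper.
live_dir="/etc/letsencrypt/live/$(hostname)"
cd "$live_dir" || { echo "cannot enter $live_dir" >&2; exit 1; }

# -nocrypt writes the private key UNENCRYPTED. Create it with a restrictive
# umask, and tighten the mode explicitly in case a copy from an earlier run
# already exists with looser permissions.
( umask 077; openssl pkcs8 -topk8 -nocrypt -in privkey.pem -inform PEM -out privkey.pem.der -outform DER ) || exit 1
chmod 600 privkey.pem.der
openssl x509 -in fullchain.pem -inform PEM -out fullchain.pem.der -outform DER || exit 1

# The following steps run the JRE bundled with R1Soft from its own directory.
cd /usr/sbin/r1soft/jre/bin || exit 1
chmod 755 java keytool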
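# Fetch the ImportKey helper archive.
# -O makes a re-run overwrite the previous download. Without it wget saves the
# new copy as importkey.zip.1 and the stale archive is the one that gets
# unpacked.
# NOTE(review): this pulls an archive from a mutable branch with no integrity
# check, and its contents are then run as root against the private key. Vendor
# a reviewed copy, or pin a commit and verify a known-good digest before
# unpacking, e.g. (placeholder value, fill in after review):
#   echo "<EXPECTED_SHA256_PLACEHOLDER>  importkey.zip" | sha256sum -c - || exit 1
wget -O importkey.zip https://github.com/MegaS0ra/LetsEncryptForR1Soft/raw/master/importkey.zip || exit 1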
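# Build a new keystore from the issued certificate and install it for the
# R1Soft CDP server. Every step before the production keystore is touched
# aborts on failure, so a broken run never replaces a working keystore.

# NOTE(review): -o overwrites files in the JRE bin directory with whatever the
# archive contains; confirm the archive's member list before trusting it here.
unzip -o importkey.zip || exit 1

cert_dir="/etc/letsencrypt/live/$(hostname)"
# Use the bundled keytool throughout: after the later cd a bare "keytool" would
# resolve through PATH and could be missing or a different version.
r1_keytool=/usr/sbin/r1soft/jre/bin/keytool

./java ImportKey "$cert_dir/privkey.pem.der" "$cert_dir/fullchain.pem.der"
# Check for the keystore the following steps consume rather than trusting the
# helper's exit status.
if [ ! -s /root/keystore.ImportKey ]; then
        echo "ImportKey did not produce /root/keystore.ImportKey; aborting" >&2
        exit 1
fi
# The unencrypted DER copy of the private key is not needed once it is inside
# the keystore.
rm -f "$cert_dir/privkey.pem.der"

# NOTE(review): the store and key passwords are hard-coded in clear text.
# "password" is presumably the value the CDP server expects - confirm before
# changing it, and keep the keystore files readable by root only, since the
# password gives no real protection to the private key.
printf '%s\n' importkey password password | ./keytool -storepasswd -keystore /root/keystore.ImportKey || exit 1

printf '%s\n' password importkey password password | ./keytool -keypasswd -alias importkey -keystore /root/keystore.ImportKey || exit 1

/bin/cp /root/keystore.ImportKey /root/keystore || exit 1
rm -f /root/keystore.ImportKey

# -noprompt replaces the piped "oui" answer, which only satisfied the trust
# confirmation when keytool ran in a French locale.
if ! printf '%s\n' password | ./keytool -import -noprompt -alias intermed -file "$cert_dir/chain.pem" -keystore /root/keystore -trustcacerts; then
        echo "warning: intermediate certificate was not imported" >&2
fi

# Keep a copy of the current keystore so the change can be rolled back.
/bin/cp /usr/sbin/r1soft/conf/keystore /usr/sbin/r1soft/conf/keystore.old
/bin/cp /root/keystore /usr/sbin/r1soft/conf/keystore
service cdp-server restart

cd /usr/sbin/r1soft/conf/ || exit 1
# Drop any existing "cdp" entry, then rename the imported key to "cdp".
printf '%s\n' password | "$r1_keytool" -delete -keystore keystore -alias cdp

printf '%s\n' password | "$r1_keytool" -changealias -keystore keystore -alias importkey -destalias cdp

service cdp-server restart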