summaryrefslogtreecommitdiff
path: root/letsencrypt-helpers/make-combined-crt
diff options
context:
space:
mode:
authorPeter Palfrader <peter@palfrader.org>2016-04-04 22:09:18 +0200
committerPeter Palfrader <peter@palfrader.org>2016-04-04 22:09:18 +0200
commitad1527334c90424b101da3c6a03da3c46e301d8b (patch)
tree14076c071feb141bb8c3ba5d8c17229c96147645 /letsencrypt-helpers/make-combined-crt
parent8e77b0d63a29c806ca2264c3fee735e92244001a (diff)
Fetch intermediate certs from the url in the cert
Diffstat (limited to 'letsencrypt-helpers/make-combined-crt')
-rwxr-xr-xletsencrypt-helpers/make-combined-crt11
1 files changed, 10 insertions, 1 deletions
diff --git a/letsencrypt-helpers/make-combined-crt b/letsencrypt-helpers/make-combined-crt
index 2c6dc59..56a2989 100755
--- a/letsencrypt-helpers/make-combined-crt
+++ b/letsencrypt-helpers/make-combined-crt
@@ -41,7 +41,16 @@ fi
if [ -e "$cn-letsencrypt.pem" ] ; then
pem="$cn-letsencrypt.pem"
- chain="extra/lets-encrypt-x1-cross-signed.pem"
+
+ tmp=$(tempfile)
+ trap "rm -f '$tmp'" EXIT
+ issuers_uri="$(openssl x509 -in "$pem" -noout -text | grep 'CA Issuers - URI:' | cut -d':' -f2-)"
+ if [ "${issuers_uri#http}" != "$issuers_uri" ]; then
+ wget -q -O "$tmp" "$issuers_uri"
+ chain="$tmp"
+ else
+ chain=""
+ fi
elif [ -e "$cn.pem" ] ; then
pem="$cn.pem"
if [ -e "$cn-chain.pem" ]; then