summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xletsencrypt-helpers/make-combined-crt (renamed from letsencrypt-helpers/make-apache-crt)18
-rwxr-xr-xletsencrypt-helpers/renew-as-required4
-rwxr-xr-xletsencrypt-helpers/vhost-step-12
-rwxr-xr-xletsencrypt-helpers/vhost-step-22
4 files changed, 20 insertions, 6 deletions
diff --git a/letsencrypt-helpers/make-apache-crt b/letsencrypt-helpers/make-combined-crt
index 8c7eb09..b605765 100755
--- a/letsencrypt-helpers/make-apache-crt
+++ b/letsencrypt-helpers/make-combined-crt
@@ -21,6 +21,13 @@ fi
if [ -e "$cn-letsencrypt.pem" ] ; then
pem="$cn-letsencrypt.pem"
chain="extra/letsencryptauthorityx1.pem"
+elif [ -e "$cn.pem" ] ; then
+ pem="$cn.pem"
+ if [ -e "$cn-chain.pem" ]; then
+ chain="$cn-chain.pem"
+ else
+ chain=""
+ fi
elif [ -e "$cn-selfsigned.pem" ] ; then
pem="$cn-selfsigned.pem"
chain=""
@@ -34,6 +41,13 @@ fi
cat "$pem"
if [ -n "$chain" ]; then
cat "$chain"
-if [ -e extra/dh-4096.pem ]; then cat extra/dh-4096.pem; fi
fi
-) > $cn-apache.crt
+
+size=$(openssl rsa < "$cn".key -text -noout | awk -F: '$1 == "Private-Key" {print $2}' | sed -e 's/[^0-9]//g')
+if [ -e extra/dh-"$size".pem ]; then
+ cat extra/dh-"$size".pem;
+else
+ echo >&2 "Warning: No extra/dh-$size.pem file found."
+fi
+
+) > $cn-combined.crt
diff --git a/letsencrypt-helpers/renew-as-required b/letsencrypt-helpers/renew-as-required
index 0b404e4..768d23f 100755
--- a/letsencrypt-helpers/renew-as-required
+++ b/letsencrypt-helpers/renew-as-required
@@ -27,8 +27,8 @@ for i in *-letsencrypt.pem; do
err=1
continue
fi
- if ! make-apache-crt "$cn"; then
- echo >&2 "make-apache-crt for $cn failed."
+ if ! make-combined-crt "$cn"; then
+ echo >&2 "make-combined-crt for $cn failed."
err=1
continue
fi
diff --git a/letsencrypt-helpers/vhost-step-1 b/letsencrypt-helpers/vhost-step-1
index 1549d3b..cbe850a 100755
--- a/letsencrypt-helpers/vhost-step-1
+++ b/letsencrypt-helpers/vhost-step-1
@@ -13,6 +13,6 @@ shift
new-key "$cn"
new-csr "$cn"
-make-apache-crt "$cn"
+make-combined-crt "$cn"
echo "Enable vhost and "
echo " service apache2 reload"
diff --git a/letsencrypt-helpers/vhost-step-2 b/letsencrypt-helpers/vhost-step-2
index 7ddc2e6..03cc6f1 100755
--- a/letsencrypt-helpers/vhost-step-2
+++ b/letsencrypt-helpers/vhost-step-2
@@ -12,6 +12,6 @@ cn="$1"
shift
request-letsencrypt "$cn"
-make-apache-crt "$cn"
+make-combined-crt "$cn"
echo "Now"
echo " service apache2 reload"