From a2b7d3d8377e767c73371e3aafbf84d40fa78d27 Mon Sep 17 00:00:00 2001
From: Peter Palfrader
Date: Thu, 31 Dec 2015 15:53:27 +0100
Subject: rename -apache.crt to -combined.crt, load dh params based on rsa key size, use just .pem if it exists
---
letsencrypt-helpers/make-combined-crt | 53 +++++++++++++++++++++++++++++++++++
1 file changed, 53 insertions(+)
create mode 100755 letsencrypt-helpers/make-combined-crt
(limited to 'letsencrypt-helpers/make-combined-crt')
diff --git a/letsencrypt-helpers/make-combined-crt b/letsencrypt-helpers/make-combined-crt
new file mode 100755
index 0000000..b605765
--- /dev/null
+++ b/letsencrypt-helpers/make-combined-crt
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+set -u
+
+cd ~/certs
+
+if [ "$#" != 1 ]; then
+ echo >&2 "Usage: $0 "
+ exit 1
+fi
+
+cn="$1"
+shift
+
+if ! [ -e "$cn.key" ] ; then
+ echo >&2 "$cn.key does not exist."
+ exit 1
+fi
+
+if [ -e "$cn-letsencrypt.pem" ] ; then
+ pem="$cn-letsencrypt.pem"
+ chain="extra/letsencryptauthorityx1.pem"
+elif [ -e "$cn.pem" ] ; then
+ pem="$cn.pem"
+ if [ -e "$cn-chain.pem" ]; then
+ chain="$cn-chain.pem"
+ else
+ chain=""
+ fi
+elif [ -e "$cn-selfsigned.pem" ] ; then
+ pem="$cn-selfsigned.pem"
+ chain=""
+ echo >&2 "Warning: only selfsigned cert available for $cn."
+else
+ echo >&2 "Error: no cert available for $cn."
+ exit 1
+fi
+
+(
+cat "$pem"
+if [ -n "$chain" ]; then
+cat "$chain"
+fi
+
+size=$(openssl rsa < "$cn".key -text -noout | awk -F: '$1 == "Private-Key" {print $2}' | sed -e 's/[^0-9]//g')
+if [ -e extra/dh-"$size".pem ]; then
+ cat extra/dh-"$size".pem;
+else
+ echo >&2 "Warning: No extra/dh-$size.pem file found."
+fi
+
+) > $cn-combined.crt
-- cgit v1.2.3
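Review bot: The closing redirect `) > $cn-combined.crt` truncates the combined file before the subshell writes anything, so a failing `cat "$chain"` (the hard-coded `extra/letsencryptauthorityx1.pem` is never checked for existence) aborts under `set -e` and leaves a leaf-only or empty bundle where the web server presumably loads it. Writing to a sibling file and renaming on success avoids that, and also quotes the expansion: `) > "$cn-combined.crt.new"` followed by `mv "$cn-combined.crt.new" "$cn-combined.crt"`. The `size=` pipeline reports only the exit status of `sed`, so a key that `openssl rsa` cannot read gives an empty `size` and a bundle without DH parameters, with only the warning about `extra/dh-.pem`; a comment such as `# empty size: key unreadable or not RSA, bundle gets no DH params` or an explicit `[ -n "$size" ]` check would make that case visible. `cn` comes straight from `$1` into path names, so if it can ever be supplied by something other than the operator, reject values containing `/` before the first `[ -e "$cn.key" ]` test.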