|
@ -3969,6 +3969,16 @@ $_authorizations_map" |
|
|
_on_issue_err "$_post_hook" |
|
|
_on_issue_err "$_post_hook" |
|
|
return 1 |
|
|
return 1 |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
|
|
|
if [ "$(grep -- "$BEGIN_CERT" "$CERT_PATH" | wc -l)" -gt "1" ]; then |
|
|
|
|
|
_debug "Found cert chain" |
|
|
|
|
|
cat "$CERT_PATH" > "$CERT_FULLCHAIN_PATH" |
|
|
|
|
|
_end_n="$(grep -n -- "$END_CERT" "$CERT_FULLCHAIN_PATH" | _head_n 1 | cut -d : -f 1)" |
|
|
|
|
|
_debug _end_n "$_end_n" |
|
|
|
|
|
sed -n "1,${_end_n}p" "$CERT_FULLCHAIN_PATH" > "$CERT_PATH" |
|
|
|
|
|
_end_n="$(_math $_end_n + 1)" |
|
|
|
|
|
sed -n "${_end_n},9999p" "$CERT_FULLCHAIN_PATH" > "$CA_CERT_PATH" |
|
|
|
|
|
fi |
|
|
else |
|
|
else |
|
|
if ! _send_signed_request "${ACME_NEW_ORDER}" "{\"resource\": \"$ACME_NEW_ORDER_RES\", \"csr\": \"$der\"}" "needbase64"; then |
|
|
if ! _send_signed_request "${ACME_NEW_ORDER}" "{\"resource\": \"$ACME_NEW_ORDER_RES\", \"csr\": \"$der\"}" "needbase64"; then |
|
|
_err "Sign failed." |
|
|
_err "Sign failed." |
|
@ -4022,6 +4032,9 @@ $_authorizations_map" |
|
|
|
|
|
|
|
|
_cleardomainconf "Le_Vlist" |
|
|
_cleardomainconf "Le_Vlist" |
|
|
|
|
|
|
|
|
|
|
|
if [ "$ACME_VERSION" = "2" ]; then |
|
|
|
|
|
_debug "v2 chain." |
|
|
|
|
|
else |
|
|
Le_LinkIssuer=$(grep -i '^Link' "$HTTP_HEADER" | _head_n 1 | cut -d " " -f 2 | cut -d ';' -f 1 | tr -d '<>') |
|
|
Le_LinkIssuer=$(grep -i '^Link' "$HTTP_HEADER" | _head_n 1 | cut -d " " -f 2 | cut -d ';' -f 1 | tr -d '<>') |
|
|
|
|
|
|
|
|
if [ "$Le_LinkIssuer" ]; then |
|
|
if [ "$Le_LinkIssuer" ]; then |
|
@ -4045,11 +4058,7 @@ $_authorizations_map" |
|
|
echo "$BEGIN_CERT" >"$CA_CERT_PATH" |
|
|
echo "$BEGIN_CERT" >"$CA_CERT_PATH" |
|
|
_base64 "multiline" <"$CA_CERT_PATH.der" >>"$CA_CERT_PATH" |
|
|
_base64 "multiline" <"$CA_CERT_PATH.der" >>"$CA_CERT_PATH" |
|
|
echo "$END_CERT" >>"$CA_CERT_PATH" |
|
|
echo "$END_CERT" >>"$CA_CERT_PATH" |
|
|
|
|
|
|
|
|
_info "The intermediate CA cert is in $(__green " $CA_CERT_PATH ")" |
|
|
|
|
|
cat "$CA_CERT_PATH" >>"$CERT_FULLCHAIN_PATH" |
|
|
cat "$CA_CERT_PATH" >>"$CERT_FULLCHAIN_PATH" |
|
|
_info "And the full chain certs is there: $(__green " $CERT_FULLCHAIN_PATH ")" |
|
|
|
|
|
|
|
|
|
|
|
rm -f "$CA_CERT_PATH.der" |
|
|
rm -f "$CA_CERT_PATH.der" |
|
|
break |
|
|
break |
|
|
fi |
|
|
fi |
|
@ -4063,6 +4072,9 @@ $_authorizations_map" |
|
|
else |
|
|
else |
|
|
_debug "No Le_LinkIssuer header found." |
|
|
_debug "No Le_LinkIssuer header found." |
|
|
fi |
|
|
fi |
|
|
|
|
|
fi |
|
|
|
|
|
[ -f "$CA_CERT_PATH" ] && _info "The intermediate CA cert is in $(__green " $CA_CERT_PATH ")" |
|
|
|
|
|
[ -f "$CERT_FULLCHAIN_PATH" ] && _info "And the full chain certs is there: $(__green " $CERT_FULLCHAIN_PATH ")" |
|
|
|
|
|
|
|
|
Le_CertCreateTime=$(_time) |
|
|
Le_CertCreateTime=$(_time) |
|
|
_savedomainconf "Le_CertCreateTime" "$Le_CertCreateTime" |
|
|
_savedomainconf "Le_CertCreateTime" "$Le_CertCreateTime" |
|
|