MENU

CF托管域名SSL签发

April 29, 2022 • linux相关

cf 托管的域名 ssl 一键申请

#!/bin/bash -i
#getssl.sh

DOMAIN=
ALL_DOMAIN=
CFKEY=
CFEMAIL=
INSTALL_CERT_PATH=

# 查看alias扩展是否启用
shopt expand_aliases
# 启用alias扩展
shopt -s expand_aliases
alias EXECUTE_ROOT="~/.acme.sh"
alias acme.sh="~/.acme.sh/acme.sh"

showhelp() {
    echo "Usage: 
    ./getssl.sh [example.com] [[email protected]] [8e53269881db6a7bb78389a5606801c1d287a798] [/etc/nginx/myssl]
    "
}

install_acmesh() {
    curl https://get.acme.sh | sh
}

reg_acmesh() {
    acme.sh --register-account -m $CFEMAIL
    export CF_Key="$CFKEY"
    export CF_Email="$CFEMAIL"
}

update_ssl() {
    echo "new ssl cert for the domain:"
    echo ${DOMAIN}
    echo ${ALL_DOMAIN}
    acme.sh --issue --dns dns_cf -d "${DOMAIN}" -d "${ALL_DOMAIN}"
}

install_cert() {
    mkdir -p ${INSTALL_CERT_PATH}
    cd ${EXECUTE_ROOT}/${DOMAIN}/
    cp ./${DOMAIN}.cer ${INSTALL_CERT_PATH}
    cp ./${DOMAIN}.key ${INSTALL_CERT_PATH}
    cp ./fullchain.cer ${INSTALL_CERT_PATH}
    echo "install cer files done: ${INSTALL_CERT_PATH}${DOMAIN}.cer"
}

process_args() {
    DOMAIN=$1
    ALL_DOMAIN="*.${DOMAIN}"
    CFKEY=$3
    CFEMAIL=$2
    INSTALL_CERT_PATH=$4/${DOMAIN}/
    echo "
    DOMAIN=${DOMAIN}
    ALL_DOMAIN='*.${DOMAIN}'
    CFKEY=${CFKEY}
    CFEMAIL=${CFEMAIL}
    INSTALL_CERT_PATH=${INSTALL_CERT_PATH}
    "
}

start() {
    cd ~
    install_acmesh
    reg_acmesh
    update_ssl
    install_cert
}

main() {
    if [ $# != 4 ]; then
        showhelp && return
    fi
    process_args [email protected]
    start
}

main [email protected]

使用在线版

curl -s https://ipm.sh/getssl.sh | bash -s abc.com [email protected] 8e53269881db6a7bb78389a5606801c1d287a798 /etc/nginx/myssl
Last Modified: September 21, 2022