mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-12-24 22:21:40 +00:00
remove ".well-known" folder after verification
This commit is contained in:
parent
f074cb1036
commit
ebcf30d02f
51
le.sh
51
le.sh
@ -374,6 +374,32 @@ _clearup () {
|
||||
_restoreApache
|
||||
}
|
||||
|
||||
# webroot removelevel tokenfile
|
||||
_clearupwebbroot() {
|
||||
__webroot="$1"
|
||||
if [ -z "$__webroot" ] ; then
|
||||
_debug "no webroot specified, skip"
|
||||
return 0
|
||||
fi
|
||||
|
||||
if [ "$2" == '1' ] ; then
|
||||
_debug "remove $__webroot/.well-known"
|
||||
rm -rf "$__webroot/.well-known"
|
||||
elif [ "$2" == '2' ] ; then
|
||||
_debug "remove $__webroot/.well-known/acme-challenge"
|
||||
rm -rf "$__webroot/.well-known/acme-challenge"
|
||||
elif [ "$2" == '3' ] ; then
|
||||
_debug "remove $__webroot/.well-known/acme-challenge/$3"
|
||||
rm -rf "$__webroot/.well-known/acme-challenge/$3"
|
||||
else
|
||||
_err "removelevel invalid: $2"
|
||||
return 1
|
||||
fi
|
||||
|
||||
return 0
|
||||
|
||||
}
|
||||
|
||||
issue() {
|
||||
if [ -z "$2" ] ; then
|
||||
_err "Usage: le issue webroot|no|apache|dns a.com [www.a.com,b.com,c.com]|no [key-length]|no [cert-file-path]|no [key-file-path]|no [ca-cert-file-path]|no [reloadCmd]|no"
|
||||
@ -589,7 +615,8 @@ issue() {
|
||||
_debug "d" "$d"
|
||||
_debug "keyauthorization" "$keyauthorization"
|
||||
_debug "uri" "$uri"
|
||||
|
||||
removelevel= ""
|
||||
token=""
|
||||
if [ "$vtype" == "$VTYPE_HTTP" ] ; then
|
||||
if [ "$Le_Webroot" == "no" ] ; then
|
||||
_info "Standalone mode server"
|
||||
@ -602,7 +629,15 @@ issue() {
|
||||
wellknown_path="$Le_Webroot/.well-known/acme-challenge"
|
||||
fi
|
||||
_debug wellknown_path "$wellknown_path"
|
||||
|
||||
|
||||
if [ ! -d "$Le_Webroot/.well-known" ] ; then
|
||||
removelevel='1'
|
||||
elif [ ! -d "$Le_Webroot/.well-known/acme-challenge" ] ; then
|
||||
removelevel='2'
|
||||
else
|
||||
removelevel='3'
|
||||
fi
|
||||
|
||||
token="$(echo -e -n "$keyauthorization" | cut -d '.' -f 1)"
|
||||
_debug "writing token:$token to $wellknown_path/$token"
|
||||
|
||||
@ -620,6 +655,7 @@ issue() {
|
||||
|
||||
if [ ! -z "$code" ] && [ ! "$code" == '202' ] ; then
|
||||
_err "$d:Challenge error: $resource"
|
||||
_clearupwebbroot "$Le_Webroot" "$removelevel" "$token"
|
||||
_clearup
|
||||
return 1
|
||||
fi
|
||||
@ -631,6 +667,7 @@ issue() {
|
||||
|
||||
if ! _get $uri ; then
|
||||
_err "$d:Verify error:$resource"
|
||||
_clearupwebbroot "$Le_Webroot" "$removelevel" "$token"
|
||||
_clearup
|
||||
return 1
|
||||
fi
|
||||
@ -638,12 +675,16 @@ issue() {
|
||||
status=$(echo $response | egrep -o '"status":"[^"]+"' | cut -d : -f 2 | sed 's/"//g')
|
||||
if [ "$status" == "valid" ] ; then
|
||||
_info "Success"
|
||||
_stopserver $serverproc
|
||||
serverproc=""
|
||||
_clearupwebbroot "$Le_Webroot" "$removelevel" "$token"
|
||||
break;
|
||||
fi
|
||||
|
||||
if [ "$status" == "invalid" ] ; then
|
||||
error=$(echo $response | egrep -o '"error":{[^}]*}' | grep -o '"detail":"[^"]*"' | cut -d '"' -f 4)
|
||||
_err "$d:Verify error:$error"
|
||||
_clearupwebbroot "$Le_Webroot" "$removelevel" "$token"
|
||||
_clearup
|
||||
return 1;
|
||||
fi
|
||||
@ -652,13 +693,13 @@ issue() {
|
||||
_info "Pending"
|
||||
else
|
||||
_err "$d:Verify error:$response"
|
||||
_clearupwebbroot "$Le_Webroot" "$removelevel" "$token"
|
||||
_clearup
|
||||
return 1
|
||||
fi
|
||||
|
||||
done
|
||||
_stopserver $serverproc
|
||||
serverproc=""
|
||||
|
||||
done
|
||||
|
||||
_clearup
|
||||
@ -669,7 +710,7 @@ issue() {
|
||||
|
||||
Le_LinkCert="$(grep -i -o '^Location.*' $CURL_HEADER |sed 's/\r//g'| cut -d " " -f 2)"
|
||||
_setopt "$DOMAIN_CONF" "Le_LinkCert" "=" "$Le_LinkCert"
|
||||
|
||||
|
||||
if [ "$Le_LinkCert" ] ; then
|
||||
echo -----BEGIN CERTIFICATE----- > "$CERT_PATH"
|
||||
curl --silent "$Le_LinkCert" | base64 >> "$CERT_PATH"
|
||||
|
Loading…
Reference in New Issue
Block a user