7,166
edits
No edit summary |
No edit summary |
||
Line 9: | Line 9: | ||
<syntaxhighlight lang="bash" enclose="div"> | <syntaxhighlight lang="bash" enclose="div"> | ||
#!/bin/bash | #!/bin/bash | ||
/usr/local/sbin/certbot certonly -d | /usr/local/sbin/certbot certonly -d $(hostname --fqdn) --standalone --manual-public-ip-logging-ok -n --preferred-chain "ISRG Root X1" --agree-tos --register-unsafely-without-email --key-type rsa | ||
if [ $? -ne 0 ] ; then | if [ $? -ne 0 ] ; then | ||
cp "/etc/letsencrypt/live/ | cp "/etc/letsencrypt/live/$(hostname --fqdn)/privkey.pem" /opt/zimbra/ssl/zimbra/commercial/commercial.key | ||
chown zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key | chown zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key | ||
wget -O /tmp/ISRG-X1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt | wget -O /tmp/ISRG-X1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt | ||
rm -f "/etc/letsencrypt/live/ | rm -f "/etc/letsencrypt/live/$(hostname --fqdn)/chainZimbra.pem" | ||
cp "/etc/letsencrypt/live/ | cp "/etc/letsencrypt/live/$(hostname --fqdn)/chain.pem" "/etc/letsencrypt/live/$(hostname --fqdn)/chainZimbra.pem" | ||
cat /tmp/ISRG-X1.pem >> "/etc/letsencrypt/live/ | cat /tmp/ISRG-X1.pem >> "/etc/letsencrypt/live/$(hostname --fqdn)/chainZimbra.pem" | ||
chown zimbra:zimbra /etc/letsencrypt -R | chown zimbra:zimbra /etc/letsencrypt -R | ||
cd /tmp | cd /tmp | ||
su zimbra -c '/opt/zimbra/bin/zmcertmgr deploycrt comm "/etc/letsencrypt/live/ | su zimbra -c '/opt/zimbra/bin/zmcertmgr deploycrt comm "/etc/letsencrypt/live/$(hostname --fqdn)/cert.pem" "/etc/letsencrypt/live/mail.egrep.jp/chainZimbra.pem"' | ||
rm -f "/etc/letsencrypt/live/ | rm -f "/etc/letsencrypt/live/$(hostname --fqdn)/chainZimbra.pem" | ||
su -zimbra -c "zmcontrol restart" | su -zimbra -c "zmcontrol restart" | ||
fi | fi |