diff --git a/bin/regen-certs b/bin/regen-certs
index aa5d0d55..b8bfd3e6 100755
--- a/bin/regen-certs
+++ b/bin/regen-certs
@@ -1,72 +1,77 @@
 #!/bin/bash
 base_dir=$(dirname $(dirname $0))
 cert_dir="${base_dir}/docker/certs/"
 if [ ! -d "${cert_dir}" ]; then
 mkdir -p ${cert_dir}
 fi
 if [ ! -f "${cert_dir}/ca.key" ]; then
 openssl genrsa -out ${cert_dir}/ca.key 4096
 openssl req \
 -new \
 -x509 \
 -nodes \
 -days 3650 \
 -key ${cert_dir}/ca.key \
 -out ${cert_dir}/ca.cert \
 -subj '/O=Example CA/'
 fi
 if [ -f /etc/pki/tls/openssl.cnf ]; then
 openssl_cnf="/etc/pki/tls/openssl.cnf"
 elif [ -f /etc/ssl/openssl.cnf ]; then
 openssl_cnf="/etc/ssl/openssl.cnf"
 else
 echo "No openssl.cnf"
 exit 1
 fi
-APP_DOMAIN=$(grep APP_DOMAIN .env | tail -n1 | sed "s/APP_DOMAIN=//")
+if [ "$#" -eq "0" ]; then
+ APP_DOMAIN=$(grep -P "^APP_DOMAIN=.*" .env | tail -n1 | sed "s/APP_DOMAIN=//")
+ DOMAINS="kolab.mgmt.com kolab.hosted.com imap.hosted.com admin.${APP_DOMAIN} meet.${APP_DOMAIN}"
+else
+ DOMAINS=$1
+fi
-for name in kolab.mgmt.com kolab.hosted.com imap.hosted.com {{admin,meet}.,}${APP_DOMAIN}; do
+for name in $DOMAINS; do
 openssl genrsa -out ${cert_dir}/${name}.key 4096
 openssl req \
 -new \
 -key ${cert_dir}/${name}.key \
 -out ${cert_dir}/${name}.csr \
 -subj "/O=Example CA/CN=${name}/" \
 -reqexts SAN \
 -config <(cat ${openssl_cnf} \
 <(printf "[SAN]\nsubjectAltName=DNS:${name}"))
 openssl x509 \
 -req \
 -in ${cert_dir}/${name}.csr \
 -CA ${cert_dir}/ca.cert \
 -CAkey ${cert_dir}/ca.key \
 -CAcreateserial \
 -out ${cert_dir}/${name}.cert \
 -days 28 \
 -extfile <(cat ${openssl_cnf} \
 <(printf "[SAN]\nsubjectAltName=DNS:${name}")) \
 -extensions SAN
 # 'cause java ...
 openssl pkcs8 \
 -topk8 \
 -inform pem \
 -in ${cert_dir}/${name}.key \
 -outform pem \
 -nocrypt \
 -out ${cert_dir}/${name}_p8.key
 cat ${cert_dir}/${name}.cert \
 ${cert_dir}/ca.cert > ${cert_dir}/${name}.chain.pem
 chmod 644 ${cert_dir}/*.{cert,key,pem}
 done
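Review bot: The names taken from `$1` in the new `else` branch reach `${cert_dir}/${name}.key`, the `-subj` string and the `printf` format of the SAN section without any validation, so a value containing `/`, `%` or glob characters can write outside `docker/certs/` or yield a malformed certificate signed by the local CA. A guard at the top of the loop would close that, e.g. `case "$name" in *[!A-Za-z0-9.-]*) echo "invalid domain: $name" >&2; exit 1;; esac`. `DOMAINS=$1` also silently ignores any further arguments; `DOMAINS="$*"` would accept both `regen-certs a b` and `regen-certs "a b"`. The default list no longer includes the bare `${APP_DOMAIN}` that the old `{{admin,meet}.,}${APP_DOMAIN}` expansion produced, which looks unintended unless that certificate is no longer needed.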