set -u
set -o pipefail
+# default config values
+CA="https://acme-v01.api.letsencrypt.org"
+LICENSE="https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"
+
. ./config.sh
umask 077 # paranoid umask, we're creating private keys
curl -sSf "${2}" -d "${3}" 2>"${temperr}"
fi
if [ -s "${temperr}" ]; then
- echo " + ERROR: An error occured while sending ${1}-request to ${2} ($(<"${temperr}"))" >&2
+ echo " + ERROR: An error occurred while sending ${1}-request to ${2} ($(<"${temperr}"))" >&2
+ rm -f "${temperr}"
exit 1
fi
rm -f "${temperr}"
# If we generated a new private key in the step above we have to register it with the acme-server
if [ "${register}" = "1" ]; then
echo "+ Registering account key with letsencrypt..."
- signed_request "${CA}/acme/new-reg" '{"resource": "new-reg", "agreement": "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"}' > /dev/null
+ signed_request "${CA}/acme/new-reg" '{"resource": "new-reg", "agreement": "'"$LICENSE"'"}' > /dev/null
fi
# Generate certificates for all domains found in domain.txt (TODO: check if certificate already exists and is about to expire)