status="$(printf '%s\n' "${result}" | grep -Eo '"status":\s*"[^"]*"' | cut -d'"' -f4)"
- # get status until it a result is reached => not pending anymore
+ # get status until a result is reached => not pending anymore
while [[ "${status}" = "pending" ]]; do
sleep 1
status="$(_request get "${challenge_uri}" | grep -Eo '"status":\s*"[^"]*"' | cut -d'"' -f4)"
else
cat "${SCRIPTDIR}/certs/${ROOTCERT}" >> "${BASEDIR}/certs/${domain}/fullchain-${timestamp}.pem"
fi
- rm -f "${BASEDIR}/certs/${domain}/fullchain.pem"
- ln -s "fullchain-${timestamp}.pem" "${BASEDIR}/certs/${domain}/fullchain.pem"
+ ln -sf "fullchain-${timestamp}.pem" "${BASEDIR}/certs/${domain}/fullchain.pem"
fi
# Update remaining symlinks
if [ ! "${privkey}" = "privkey.pem" ]; then
- rm -f "${BASEDIR}/certs/${domain}/privkey.pem"
- ln -s "privkey-${timestamp}.pem" "${BASEDIR}/certs/${domain}/privkey.pem"
+ ln -sf "privkey-${timestamp}.pem" "${BASEDIR}/certs/${domain}/privkey.pem"
fi
- rm -f "${BASEDIR}/certs/${domain}/cert.csr"
- ln -s "cert-${timestamp}.csr" "${BASEDIR}/certs/${domain}/cert.csr"
-
- rm -f "${BASEDIR}/certs/${domain}/cert.pem"
- ln -s "cert-${timestamp}.pem" "${BASEDIR}/certs/${domain}/cert.pem"
+ ln -sf "cert-${timestamp}.csr" "${BASEDIR}/certs/${domain}/cert.csr"
+ ln -sf "cert-${timestamp}.pem" "${BASEDIR}/certs/${domain}/cert.pem"
# Wait for hook script to clean the challenge and to deploy cert if used
if [[ -n "${HOOK}" ]]; then
if [[ -e "${cert}" ]]; then
echo " + Found existing cert..."
- # Turning off exit on non-zero status for cert validation
- set +e; openssl x509 -checkend $((RENEW_DAYS * 86400)) -noout -in "${cert}"; expiring=$?; set -e
valid="$(openssl x509 -enddate -noout -in "${cert}" | cut -d= -f2- )"
echo -n " + Valid till ${valid} "
- if [[ ${expiring} -eq 0 ]]; then
+ if openssl x509 -checkend $((RENEW_DAYS * 86400)) -noout -in "${cert}"; then
echo "(Longer than ${RENEW_DAYS} days). Skipping!"
continue
fi