3 # Script to create certificate to qiniu.com
5 # This deployment required following variables
6 # export QINIU_AK="QINIUACCESSKEY"
7 # export QINIU_SK="QINIUSECRETKEY"
9 QINIU_API_BASE
="https://api.qiniu.com"
18 _debug _cdomain
"$_cdomain"
20 _debug _ccert
"$_ccert"
22 _debug _cfullchain
"$_cfullchain"
24 if [ -z "$QINIU_AK" ]; then
25 if [ -z "$Le_Deploy_Qiniu_AK" ]; then
26 _err
"QINIU_AK is not defined."
30 Le_Deploy_Qiniu_AK
="$QINIU_AK"
31 _savedomainconf Le_Deploy_Qiniu_AK
"$Le_Deploy_Qiniu_AK"
34 if [ -z "$QINIU_SK" ]; then
35 if [ -z "$Le_Deploy_Qiniu_SK" ]; then
36 _err
"QINIU_SK is not defined."
40 Le_Deploy_Qiniu_SK
="$QINIU_SK"
41 _savedomainconf Le_Deploy_Qiniu_SK
"$Le_Deploy_Qiniu_SK"
45 string_fullchain
=$
(awk '{printf "%s\\n", $0}' "$_cfullchain")
46 string_key
=$
(awk '{printf "%s\\n", $0}' "$_ckey")
48 sslcert_path
="/sslcert"
49 sslcerl_body
="{\"name\":\"$_cdomain\",\"common_name\":\"$_cdomain\",\"ca\":\"$string_fullchain\",\"pri\":\"$string_key\"}"
50 sslcert_access_token
="$(_make_sslcreate_access_token "$sslcert_path")"
51 _debug sslcert_access_token
"$sslcert_access_token"
52 export _H1
="Authorization: QBox $sslcert_access_token"
53 sslcert_response
=$
(_post
"$sslcerl_body" "$QINIU_API_BASE$sslcert_path" 0 "POST" "application/json" | _dbase64
"multiline")
55 success_response
="certID"
56 if test "${sslcert_response#*$success_response}" == "$sslcert_response"; then
57 _err
"Error in creating certificate:"
58 _err
"$sslcert_response"
62 _debug sslcert_response
"$sslcert_response"
63 _info
"Certificate successfully uploaded, updating domain $_cdomain"
66 _certId
=$
(printf "%s" "$sslcert_response" |
sed -e "s/^.*certID\":\"//" -e "s/\"\}$//")
67 _debug certId
"$_certId"
69 ## update domain ssl config
70 update_path
="/domain/$_cdomain/httpsconf"
71 update_body
="{\"certid\":\"$_certId\",\"forceHttps\":true}"
72 update_access_token
="$(_make_sslcreate_access_token "$update_path")"
73 _debug update_access_token
"$update_access_token"
74 export _H1
="Authorization: QBox $update_access_token"
75 update_response
=$
(_post
"$update_body" "$QINIU_API_BASE$update_body" 0 "PUT" "application/json" | _dbase64
"multiline")
78 if test "${update_response#*$err_response}" != "$update_response"; then
79 _err
"Error in updating domain httpsconf:"
80 _err
"$update_response"
84 _debug update_response
"$update_response"
85 _info
"Certificate successfully deployed"
90 _make_sslcreate_access_token
() {
92 _token
="$(printf "%s
" "$_data" | openssl sha1 -hmac "$Le_Deploy_Qiniu_SK" -binary | openssl base64 -e)"
93 echo "$Le_Deploy_Qiniu_AK:$_token"