#!/usr/bin/env sh
-VER=2.8.8
+VER=2.8.9
PROJECT_NAME="acme.sh"
_PREFERRED_CHAIN_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Preferred-Chain"
+_DNSCHECK_WIKI="https://github.com/acmesh-official/acme.sh/wiki/dnscheck"
+
_DNS_MANUAL_ERR="The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead."
_DNS_MANUAL_WARN="It seems that you are using dns manual mode. please take care: $_DNS_MANUAL_ERR"
_err "Can not create temp file."
}
+#clear all the https envs to cause _inithttp() to run next time.
+_resethttp() {
+ __HTTP_INITIALIZED=""
+ _ACME_CURL=""
+ _ACME_WGET=""
+ ACME_HTTP_NO_REDIRECTS=""
+}
+
_inithttp() {
if [ -z "$HTTP_HEADER" ] || ! touch "$HTTP_HEADER"; then
fi
if [ -z "$_ACME_CURL" ] && _exists "curl"; then
- _ACME_CURL="curl -L --silent --dump-header $HTTP_HEADER "
+ _ACME_CURL="curl --silent --dump-header $HTTP_HEADER "
+ if [ -z "$ACME_HTTP_NO_REDIRECTS" ]; then
+ _ACME_CURL="$_ACME_CURL -L "
+ fi
if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
_CURL_DUMP="$(_mktemp)"
_ACME_CURL="$_ACME_CURL --trace-ascii $_CURL_DUMP "
if [ -z "$_ACME_WGET" ] && _exists "wget"; then
_ACME_WGET="wget -q"
+ if [ "$ACME_HTTP_NO_REDIRECTS" ]; then
+ _ACME_WGET="$_ACME_WGET --max-redirect 0 "
+ fi
if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
_ACME_WGET="$_ACME_WGET -d "
fi
_end_time="$(_math "$_end_time" + 1200)" #let's check no more than 20 minutes.
while [ "$(_time)" -le "$_end_time" ]; do
+ _info "You can use '--dnssleep' to disable public dns checks."
+ _info "See: $_DNSCHECK_WIKI"
_left=""
for entry in $dns_entries; do
d=$(_getfield "$entry" 1)
}
-# nocron confighome noprofile
+# nocron confighome noprofile accountemail
install() {
if [ -z "$LE_WORKING_DIR" ]; then
_nocron="$1"
_c_home="$2"
_noprofile="$3"
+ _accountemail="$4"
+
if ! _initpath; then
_err "Install failed."
return 1
fi
fi
+ if [ "$_accountemail" ]; then
+ _saveaccountconf "ACCOUNT_EMAIL" "$_accountemail"
+ fi
+
_info OK
}
--cert-home <directory> Specifies the home dir to save all the certs, only valid for '--install' command.
--config-home <directory> Specifies the home dir to save all the configurations.
--useragent <string> Specifies the user agent string. it will be saved for future use too.
- -m, --accountemail <email> Specifies the account email, only valid for the '--install' and '--update-account' command.
+ -m, --email <email> Specifies the account email, only valid for the '--install' and '--update-account' command.
--accountkey <file> Specifies the account key path, only valid for the '--install' command.
--days <ndays> Specifies the days to renew the cert when using '--issue' command. The default value is $DEFAULT_RENEW days.
--httpport <port> Specifies the standalone listening port. Only valid if the server is behind a reverse proxy or load balancer.
--insecure Do not check the server certificate, in some devices, the api server's certificate may not be trusted.
--ca-bundle <file> Specifies the path to the CA certificate bundle to verify api server's certificate.
--ca-path <directory> Specifies directory containing CA certificates in PEM format, used by wget or curl.
- --nocron Only valid for '--install' command, which means: do not install the default cron job.
+ --no-cron Only valid for '--install' command, which means: do not install the default cron job.
In this case, the certs will not be renewed automatically.
- --noprofile Only valid for '--install' command, which means: do not install aliases to user profile.
+ --no-profile Only valid for '--install' command, which means: do not install aliases to user profile.
--no-color Do not output color text.
--force-color Force output of color text. Useful for non-interactive use with the aha tool for HTML E-Mails.
--ecc Specifies to use the ECC cert. Valid for '--install-cert', '--renew', '--revoke', '--to-pkcs12' and '--create-csr'
"
}
-# nocron noprofile
-_installOnline() {
+installOnline() {
_info "Installing from online archive."
- _nocron="$1"
- _noprofile="$2"
- if [ ! "$BRANCH" ]; then
- BRANCH="master"
+
+ _branch="$BRANCH"
+ if [ -z "$_branch" ]; then
+ _branch="master"
fi
- target="$PROJECT/archive/$BRANCH.tar.gz"
+ target="$PROJECT/archive/$_branch.tar.gz"
_info "Downloading $target"
- localname="$BRANCH.tar.gz"
+ localname="$_branch.tar.gz"
if ! _get "$target" >$localname; then
_err "Download error."
return 1
exit 1
fi
- cd "$PROJECT_NAME-$BRANCH"
+ cd "$PROJECT_NAME-$_branch"
chmod +x $PROJECT_ENTRY
- if ./$PROJECT_ENTRY install "$_nocron" "" "$_noprofile"; then
+ if ./$PROJECT_ENTRY --install "$@"; then
_info "Install success!"
_initpath
_saveaccountconf "UPGRADE_HASH" "$(_getUpgradeHash)"
cd ..
- rm -rf "$PROJECT_NAME-$BRANCH"
+ rm -rf "$PROJECT_NAME-$_branch"
rm -f "$localname"
)
}
[ -z "$FORCE" ] && [ "$(_getUpgradeHash)" = "$(_readaccountconf "UPGRADE_HASH")" ] && _info "Already uptodate!" && exit 0
export LE_WORKING_DIR
cd "$LE_WORKING_DIR"
- _installOnline "nocron" "noprofile"
+ installOnline "--nocron" "--noprofile"
); then
_info "Upgrade success!"
exit 0
--install)
_CMD="install"
;;
+ --install-online)
+ shift
+ installOnline "$@"
+ return
+ ;;
--uninstall)
_CMD="uninstall"
;;
USER_AGENT="$_useragent"
shift
;;
- -m | --accountemail)
+ -m | --email | --accountemail)
_accountemail="$2"
- ACCOUNT_EMAIL="$_accountemail"
+ export ACCOUNT_EMAIL="$_accountemail"
shift
;;
--accountkey)
CA_PATH="$_ca_path"
shift
;;
- --nocron)
+ --no-cron | --nocron)
_nocron="1"
;;
- --noprofile)
+ --no-profile | --noprofile)
_noprofile="1"
;;
--no-color)
fi
_debug "Running cmd: ${_CMD}"
case "${_CMD}" in
- install) install "$_nocron" "$_confighome" "$_noprofile" ;;
+ install) install "$_nocron" "$_confighome" "$_noprofile" "$_accountemail" ;;
uninstall) uninstall "$_nocron" ;;
upgrade) upgrade ;;
issue)
}
-if [ "$INSTALLONLINE" ]; then
- INSTALLONLINE=""
- _installOnline
- exit
-fi
-
main() {
[ -z "$1" ] && showhelp && return
if _startswith "$1" '-'; then _process "$@"; else "$@"; fi