JamesTheAwesomeDude/ncACMEutil.sh

## ncACMEutil.sh
#!/bin/sh
#	cd ~/ssl;ln -vs csrs/*.csr www.csr
#cron:	0 0 1 * * "${HOME}/ssl/ncACMEutil.sh" renew www.csr

#CONFIG
cpanellogin=1234567#get this from the "Products" page
cd "${HOME}/ssl"
account_key="lec.key"
account_contact="mailto:webmaster@example.org"
webroot="${HOME}/public_html"#TODO: support different webroots per-domain

#Upgrade TODO:
# - acme.sh (as soon as I can figure out how to get it NOT to
#   write a bunch of config files that ion_remember_asking for)
# - certbot (the ultimate goal.....if I can figure out how to
#   get it onto Namecheap's web hosts AND run config-less)

#TODO
#req_new_opts="-sha256"
#gencsr(){
#	dom0="${1}";shift
#	for domA in "${@}"; do
#
#	done
#	openssl req -new ${req_new_opts} -subj "/CN=${1}" -reqexts SAN\
#	-config <(printf "[SAN]\nsubjectAltName=DNS:yoursite.com,DNS:www.yoursite.com" | cat /etc/ssl/openssl.cnf) > domain.csr
#}
#
#issue(){
#	"Issuing new certificate"
#	domains="${1}";shift
#}

renew(){
	echo "It's time to renew your certificate!"
	csr="${1}";shift
	echo "Renewing CSR: ${csr}"
	openssl req -in "${csr}" -noout -text\
	 | grep -E '(Subject:|Subject Alternative Name|DNS:)'
	{ ("${HOME}/bin/acme_tiny.py" 2>&1\
	  --account-key "${account_key}"\
	  --contact "${account_contact}"\
	  --csr "${csr}"\
	  --acme-dir "${webroot}/.well-known/acme-challenge/"\
	  "${@}" 2>&3 3>&- && (
	  echo "You're going to want to upload the following into:"
	  echo "https://ap.www.namecheap.com/domains/hosting/package/cpanellogin/${cpanellogin}?pluginName=Website_SSL"
	  echo ""
	  )
	 ) | perl -0777 -pe ''\
	 3>&- ;
	} 3>&1
}

case "${1}" in
 renew)
	shift
	renew "${@}"
	;;
 *)
	exit 1
esac
	#!/bin/sh
	# cd ~/ssl;ln -vs csrs/*.csr www.csr
	#cron: 0 0 1 * * "${HOME}/ssl/ncACMEutil.sh" renew www.csr

	#CONFIG
	cpanellogin=1234567#get this from the "Products" page
	cd "${HOME}/ssl"
	account_key="lec.key"
	account_contact="mailto:webmaster@example.org"
	webroot="${HOME}/public_html"#TODO: support different webroots per-domain

	#Upgrade TODO:
	# - acme.sh (as soon as I can figure out how to get it NOT to
	# write a bunch of config files that ion_remember_asking for)
	# - certbot (the ultimate goal.....if I can figure out how to
	# get it onto Namecheap's web hosts AND run config-less)

	#TODO
	#req_new_opts="-sha256"
	#gencsr(){
	# dom0="${1}";shift
	# for domA in "${@}"; do
	#
	# done
	# openssl req -new ${req_new_opts} -subj "/CN=${1}" -reqexts SAN\
	# -config <(printf "[SAN]\nsubjectAltName=DNS:yoursite.com,DNS:www.yoursite.com" \| cat /etc/ssl/openssl.cnf) > domain.csr
	#}
	#
	#issue(){
	# "Issuing new certificate"
	# domains="${1}";shift
	#}

	renew(){
	echo "It's time to renew your certificate!"
	csr="${1}";shift
	echo "Renewing CSR: ${csr}"
	openssl req -in "${csr}" -noout -text\
	\| grep -E '(Subject:\|Subject Alternative Name\|DNS:)'
	{ ("${HOME}/bin/acme_tiny.py" 2>&1\
	--account-key "${account_key}"\
	--contact "${account_contact}"\
	--csr "${csr}"\
	--acme-dir "${webroot}/.well-known/acme-challenge/"\
	"${@}" 2>&3 3>&- && (
	echo "You're going to want to upload the following into:"
	echo "https://ap.www.namecheap.com/domains/hosting/package/cpanellogin/${cpanellogin}?pluginName=Website_SSL"
	echo ""
	)
	) \| perl -0777 -pe ''\
	3>&- ;
	} 3>&1
	}

	case "${1}" in
	renew)
	shift
	renew "${@}"
	;;
	*)
	exit 1
	esac