Ned Lucks onelittleant
onelittleant
/ rc-csr-generate-all.sh
Last active
August 29, 2015 13:58
Generates new SSL private keys and CSR requests from existing certificates on a server (based on our local certificate file storage structure) in response to Heartbleed CVE-2014-0160. Avoids re-entry of SSL certificate organization information. Bundles new CSR files in a zip in the working directory.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| find /var/www/. -type f -iname "*.crt" -print0 | while IFS= read -r -d $'\0' crtpath; do | |
| export DIR=${crtpath%/*} | |
| export VHOST=${DIR%/*} | |
| export FILE=`basename $crtpath` | |
| FILE=${FILE/\.crt/\.csr} | |
| export KEYFILE=${FILE/\.csr/\.key} | |
| export DOMAIN=${FILE%\.csr} | |
| if [ ! -d $DIR/newcerts ]; then | |
| mkdir $DIR/newcerts |