Last active
February 19, 2023 01:39
-
-
Save skid9000/34269d66647b18cbcaca854e77890030 to your computer and use it in GitHub Desktop.
Update in TrueNAS an SSL certificate without re-creating it from the WebUI.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Author : Skid | |
# Version : v2023.02.19-01 | |
# Description : Update in TrueNAS CORE an SSL certificate without re-creating it from the WebUI. | |
# Licence : AGPLv3 | |
# | |
# Notes : | |
# This script is provided as is, i am not working for ixSystems, please don't contact me for support. | |
# For this script to work, you must run it from your TrueNAS CORE server as root, you must have your updated certificate in a accessible location. | |
# This script doesen't edit the private key, only the public certificate. | |
# This script hasn't been tested for TrueNAS Scale. | |
# Vars | |
crtpath="/some/path/to/certificate.crt" | |
# Copy/Paste the certificate name from the WebUI at System > Certificates | |
# WARNING : THE NAME IS CASE SENSITIVE !!! | |
crtname="mycertificate" | |
# YOU MUST RUN THIS SCRIPT AS ROOT. | |
if [ "$EUID" -ne 0 ] | |
then echo "Please run as root" | |
exit | |
fi | |
# Create an sql query in a file to update the certificate in the sqlite database. | |
printf 'UPDATE system_certificate SET cert_certificate="' > /tmp/cert-insert.sql | |
cat $crtpath >> /tmp/cert-insert.sql | |
# This wizardry below is made to remove the newline made by the cat command | |
length=$(wc -c </tmp/cert-insert.sql) | |
if [ "$length" -ne 0 ] && [ -z "$(tail -c -1 </tmp/cert-insert.sql)" ]; then | |
# The file ends with a newline or null | |
dd if=/dev/null of=/tmp/cert-insert.sql obs="$((length-1))" seek=1 | |
fi | |
printf '" WHERE cert_name="'$crtname'";' >> /tmp/cert-insert.sql | |
# Execute the newly made query to database. | |
sqlite3 /data/freenas-v1.db ".read /tmp/cert-insert.sql" | |
# Copy the certificate where nginx use it. | |
cp $crtpath /etc/certificates/$crtname.crt | |
# Restart nginx | |
service nginx restart | |
# Remove the temporary file. | |
rm /tmp/cert-insert.sql |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment