@wikrie
Forked from FvdLaar/fritzbox-cert-update.sh
Last active October 22, 2023 13:26
Fritzbox Fritz!Box AVM SSL Letsencrypt automatically update
#!/bin/bash
# parameters
USERNAME=""
PASSWORD="fritzbox-password"
CERTPATH="/usr/syno/etc/certificate/system/default/" ## this is the default path for the Synology cert
CERTPASSWORD=""
# note: with plain http the login response and the private key cross the network unencrypted
HOST=http://192.168.178.1 ## I use IP instead of fritz.box for synology updates
# make and secure a temporary file; it will hold the private key,
# so remove it on every exit path
TMP="$(mktemp -t XXXXXX)" || exit 1
trap 'rm -f "$TMP"' EXIT
chmod 600 "$TMP"
# login to the box and get a valid SID
CHALLENGE=$(wget -q -O - "$HOST/login_sid.lua" | sed -e 's/^.*<Challenge>//' -e 's/<\/Challenge>.*$//')
if [ -z "$CHALLENGE" ]
then
    RESPONSE="Is HOST-name pointing to a Fritz!BOX?"
else
    # continue with the script on success
    # response hash = MD5 over "<challenge>-<password>" encoded as UTF-16LE
    HASH=$(printf '%s' "$CHALLENGE-$PASSWORD" | uconv -f ASCII -t UTF16LE | md5sum | awk '{print $1}')
    SID=$(wget -q -O - "$HOST/login_sid.lua?sid=0000000000000000&username=$USERNAME&response=$CHALLENGE-$HASH" | sed -e 's/^.*<SID>//' -e 's/<\/SID>.*$//')
    # an empty SID (request failed) is treated like the all-zero SID
    if [[ -z "$SID" || "$SID" == "0000000000000000" ]]
    then
        RESPONSE="Failed to authenticate."
    else
        # continue with the script on success
        # generate our upload request
        # values are passed as printf arguments so that '%' or '\' in a password is not interpreted
        BOUNDARY="---------------------------"$(date +%Y%m%d%H%M%S)
        printf -- '--%s\r\n' "$BOUNDARY" >> "$TMP"
        printf 'Content-Disposition: form-data; name="sid"\r\n\r\n%s\r\n' "$SID" >> "$TMP"
        printf -- '--%s\r\n' "$BOUNDARY" >> "$TMP"
        printf 'Content-Disposition: form-data; name="BoxCertPassword"\r\n\r\n%s\r\n' "$CERTPASSWORD" >> "$TMP"
        printf -- '--%s\r\n' "$BOUNDARY" >> "$TMP"
        printf 'Content-Disposition: form-data; name="BoxCertImportFile"; filename="BoxCert.pem"\r\n' >> "$TMP"
        printf 'Content-Type: application/octet-stream\r\n\r\n' >> "$TMP"
        cat "$CERTPATH/privkey.pem" >> "$TMP"
        cat "$CERTPATH/fullchain.pem" >> "$TMP"
        printf '\r\n' >> "$TMP"
        printf -- '--%s--' "$BOUNDARY" >> "$TMP"
        # upload the certificate to the box
        # (the boundary parameter is separated from the media type by a semicolon)
        RESPONSE=$(wget -q -O - "$HOST/cgi-bin/firmwarecfg" --header="Content-type: multipart/form-data; boundary=$BOUNDARY" --post-file "$TMP" | grep SSL)
    fi
fi
# clean up
rm -f "$TMP"
if [ -z "$RESPONSE" ]
then
    echo "$HOST : Certificate import failed."
else
    echo "$HOST : $RESPONSE"
fi
PaulMerk commented Dec 25, 2021

I had to change lines 41 and 42 to RSA-privkey.pem and RSA-fullchain.pem respectively

chmod 600 for the temp file and the certificate files was insufficient. What is recommended instead of 755?
EDIT: changed to 644

General remark for using Notepad++:
make sure that line endings are formatted as UNIX
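
The two points raised in the comment above, file permissions on the key material and Windows line endings, can be checked before the upload runs. The following is an added example, not part of the gist or of the comment; the function names `has_crlf`, `is_exposed` and `preflight` and the sample file contents are made up for illustration.

```shell
#!/bin/sh
# Added example: pre-flight checks on the PEM files before they are uploaded.
# Function names are hypothetical; the files in demo() are constructed.

# True if the file contains at least one line ending in CR (DOS/Windows format).
has_crlf() {
    cr=$(printf '\r')
    grep -q "${cr}\$" "$1"
}

# True if group or others hold any permission bit on the file.
is_exposed() {
    perms=$(ls -ld "$1" 2>/dev/null | cut -c5-10)   # "r--r--" for mode 644
    [ -n "$perms" ] && [ "$perms" != "------" ]
}

# Prints one line per finding for key file $1 and chain file $2.
# Returns 0 when nothing was found, 1 otherwise.
preflight() {
    key=$1; chain=$2; rc=0
    for f in "$key" "$chain"; do
        if [ ! -r "$f" ]; then
            echo "$f: not readable by $(id -un)"; rc=1
        elif has_crlf "$f"; then
            echo "$f: CRLF line endings, convert to LF"; rc=1
        fi
    done
    if is_exposed "$key"; then
        echo "$key: private key accessible to group/others"; rc=1
    fi
    if ! grep -q -e '-----BEGIN [A-Z ]*PRIVATE KEY-----' "$key" 2>/dev/null; then
        echo "$key: no private key block found"; rc=1
    fi
    if ! grep -q -e '-----BEGIN CERTIFICATE-----' "$chain" 2>/dev/null; then
        echo "$chain: no certificate block found"; rc=1
    fi
    return "$rc"
}

# Demo on constructed files (placeholder contents, no real key material).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\r\n' '-----BEGIN PRIVATE KEY-----' 'AAAA' '-----END PRIVATE KEY-----' > "$d/privkey.pem"
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'AAAA' '-----END CERTIFICATE-----' > "$d/fullchain.pem"
    chmod 644 "$d/privkey.pem"
    preflight "$d/privkey.pem" "$d/fullchain.pem" || echo "=> fix the findings before uploading"
    rm -rf "$d"
}
demo
```

`has_crlf` can also be pointed at the script file itself after it has been edited on Windows.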
