You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

40 lines
1.5 KiB

  1. #!/usr/bin/env bash
  2. # Modified script from here: https://github.com/FarsetLabs/letsencrypt-helper-scripts/blob/master/letsencrypt-unifi.sh
  3. # Modified by: Brielle Bruns <bruns@2mbit.com>
  4. # Last Changed: 2/2/2016
  5. # Changed: Fixed some errors with key export/import, removed lame
  6. # docker requirements
  7. DOMAIN="unifi.xxxx.xxxxx"
  8. EMAIL="email@here"
  9. EXTRACERT="/root/DSTROOTCAX3.txt"
  10. TEMPFILE=$(mktemp)
  11. service unifi stop
  12. /usr/src/letsencrypt/letsencrypt-auto \
  13. --email ${EMAIL} \
  14. --server https://acme-v01.api.letsencrypt.org/directory \
  15. --agree-tos \
  16. --renew-by-default \
  17. -d ${DOMAIN} \
  18. --standalone --standalone-supported-challenges tls-sni-01 \
  19. certonly
  20. openssl pkcs12 -export -passout pass:aircontrolenterprise \
  21. -in /etc/letsencrypt/live/${DOMAIN}/cert.pem \
  22. -inkey /etc/letsencrypt/live/${DOMAIN}/privkey.pem \
  23. -out ${TEMPFILE} -name unifi \
  24. -CAfile /etc/letsencrypt/live/${DOMAIN}/chain.pem -caname root
  25. keytool -delete -alias unifi -keystore /usr/lib/unifi/data/keystore \
  26. -deststorepass aircontrolenterprise
  27. keytool -trustcacerts -importkeystore \
  28. -deststorepass aircontrolenterprise \
  29. -destkeypass aircontrolenterprise \
  30. -destkeystore /usr/lib/unifi/data/keystore \
  31. -srckeystore ${TEMPFILE} -srcstoretype PKCS12 \
  32. -srcstorepass aircontrolenterprise \
  33. -alias unifi
  34. rm -f ${TEMPFILE}
  35. java -jar /usr/lib/unifi/lib/ace.jar import_cert \
  36. /etc/letsencrypt/live/${DOMAIN}/cert.pem \
  37. /etc/letsencrypt/live/${DOMAIN}/chain.pem \
  38. ${EXTRACERT}
  39. service unifi start