fryfrog
/
lets-encrypt-scripts
forked from brielle/lets-encrypt-scripts
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update readme

master
Brie Bruns 2016-03-08 12:32:11 -07:00
parent 3eb706a14a
commit d505039a09
2 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
README.md
View File

@ -19,3 +19,18 @@ DSTROOTCAX3.txt - Root CA cert needed for use with the gen-unifi-cert.sh script
apache-le-alias.conf - Use with apache for LE well-known alias config apache-le-alias.conf - Use with apache for LE well-known alias config
apache-le-proxy.conf - Use with apache for LE well-known proxy config apache-le-proxy.conf - Use with apache for LE well-known proxy config
How To Use
=============================================================
gen-unifi-cert.sh
1) Do initial cert generation:
gen-unifi-cert.sh -e email@address.com -d unifi.somedomain.com -d unifi.someotherdomain.com
2) Put in /etc/cron.weekly/renew-unifi-ssl if everything works okay:
/path/to/script/gen-unifi-cert.sh -r -d unifi.somedomain.com -d unifi.someotherdomain.com
3) Script will now run weekly and renew the certificate if necessary ( <30 days remain)
and restart unifi only if cert has been renewed.

4
gen-unifi-cert.sh
View File

@ -71,8 +71,8 @@ else
-deststorepass aircontrolenterprise -deststorepass aircontrolenterprise
echo "Inserting certificate into Unifi keystore..." echo "Inserting certificate into Unifi keystore..."
keytool -trustcacerts -importkeystore \ keytool -trustcacerts -importkeystore \
-deststorepass aircontrolenterprise \ -deststorepass aircontrolenterprise \
-destkeypass aircontrolenterprise \ -destkeypass aircontrolenterprise \
-destkeystore /usr/lib/unifi/data/keystore \ -destkeystore /usr/lib/unifi/data/keystore \
-srckeystore ${TEMPFILE} -srcstoretype PKCS12 \ -srckeystore ${TEMPFILE} -srcstoretype PKCS12 \
-srcstorepass aircontrolenterprise \ -srcstorepass aircontrolenterprise \