46 lines
1.2 KiB
Bash
46 lines
1.2 KiB
Bash
|
#!/bin/sh
|
||
|
|
|
||
|
|
############ TLS
|
||
|
|
|
||
|
|
TLS_CERT=${TLS_CERT:-/certs/cert.pem}
|
||
|
|
TLS_KEY=${TLS_KEY:-/certs/privkey.pem}
|
||
|
|
TLS_CHAIN=${TLS_CHAIN:-/certs/chain.pem}
|
||
|
|
|
||
|
|
cat $TLS_CERT > /etc/proftpd/cert.pem
|
||
|
|
cat $TLS_KEY > /etc/proftpd/privkey.pem
|
||
|
|
cat $TLS_CHAIN > /etc/proftpd/chain.pem
|
||
|
|
|
||
|
|
############ IF CERT IS THE SAME, THEN EXIT
|
||
|
|
|
||
|
|
md5sum -c /sums 1&>2 2>/dev/null && exit
|
||
|
|
|
||
|
|
############ CHECK CERT KEY ALGO
|
||
|
|
|
||
|
|
ALGO=$(openssl x509 -in /etc/proftpd/cert.pem -text | sed -n 's/\ *Public Key Algorithm: //p' | tr '\n')
|
||
|
|
|
||
|
|
if [ "$ALGO" = "id-ecPublicKey" ] ; then
|
||
|
|
cat > /etc/proftpd/conf.d/certificate.conf <<EOF
|
||
|
|
<IfModule mod_tls.c>
|
||
|
|
TLSECCertificateFile /etc/proftpd/cert.pem
|
||
|
|
TLSECCertificateKeyFile /etc/proftpd/privkey.pem
|
||
|
|
TLSCertificateChainFile /etc/proftpd/chain.pem
|
||
|
|
</IfModule>
|
||
|
|
EOF
|
||
|
|
fi
|
||
|
|
|
||
|
|
if [ "$ALGO" = "rsaEncryption" ] ; then
|
||
|
|
cat > /etc/proftpd/conf.d/certificate.conf <<EOF
|
||
|
|
<IfModule mod_tls.c>
|
||
|
|
TLSRSACertificateFile /etc/proftpd/cert.pem
|
||
|
|
TLSRSACertificateKeyFile /etc/proftpd/privkey.pem
|
||
|
|
TLSCertificateChainFile /etc/proftpd/chain.pem
|
||
|
|
</IfModule>
|
||
|
|
EOF
|
||
|
|
fi
|
||
|
|
|
||
|
|
md5sum "$TLS_CERT" > /sums
|
||
|
|
|
||
|
|
############ RELOAD
|
||
|
|
|
||
|
|
killall -HUP proftpd
|