39 lines
1.0 KiB
Bash
39 lines
1.0 KiB
Bash
|
#!/bin/sh
|
||
|
|
||
|
############ FILES
|
||
|
|
||
|
TLS_CERT=/acme/cert/cert.pem
|
||
|
TLS_KEY=/acme/cert/privkey.pem
|
||
|
TLS_CHAIN=/acme/cert/chain.pem
|
||
|
|
||
|
[ ! -f "$TLS_CERT" ] && exit 1
|
||
|
[ ! -f "$TLS_KEY" ] && exit 1
|
||
|
[ ! -f "$TLS_CHAIN" ] && exit 1
|
||
|
|
||
|
############ CHECK CERT KEY ALGO
|
||
|
ALGO=$(openssl x509 -in "$TLS_CERT"-text | sed -n 's/\ *Public Key Algorithm: //p' | tr '\n')
|
||
|
|
||
|
############ UPDATE cert config if needed
|
||
|
if [ "$ALGO" = "id-ecPublicKey" ] ; then
|
||
|
cat > /etc/proftpd/conf.d/certificate.conf <<EOF
|
||
|
<IfModule mod_tls.c>
|
||
|
TLSECCertificateFile "$TLS_CERT"
|
||
|
TLSECCertificateKeyFile "$TLS_KEY"
|
||
|
TLSCertificateChainFile "$TLS_CHAIN"
|
||
|
</IfModule>
|
||
|
EOF
|
||
|
fi
|
||
|
|
||
|
if [ "$ALGO" = "rsaEncryption" ] ; then
|
||
|
cat > /etc/proftpd/conf.d/certificate.conf <<EOF
|
||
|
<IfModule mod_tls.c>
|
||
|
TLSRSACertificateFile "$TLS_CERT"
|
||
|
TLSRSACertificateKeyFile "$TLS_KEY"
|
||
|
TLSCertificateChainFile "$TLS_CHAIN"
|
||
|
</IfModule>
|
||
|
EOF
|
||
|
fi
|
||
|
|
||
|
############ RELOAD PROFTPD IF RUNNING
|
||
|
pidof proftpd >/dev/null && killall -HUP proftpd
|