Make certdumper output fullchain-pems

Before it only outputted a pem-file with the server-certificate — however, it seems some clients want the fullchain delivered, as it’s common with letsencrypt. closes #847 (cherry picked from commit 2c5f9771173a76219aea392ccead35a6635a741b) # Conflicts: # optional/traefik-certdumper/run.sh
2025-02-09 13:23:54 +02:00 · 2019-01-19 10:35:13 +01:00 · 2019-01-19 10:35:13 +01:00 · af40c7af84
commit af40c7af84
parent 6b5bb5fcd1
1 changed files with 13 additions and 0 deletions
--- a/optional/traefik-certdumper/run.sh
+++ b/optional/traefik-certdumper/run.sh
@ -3,6 +3,7 @@
 function dump() {
    echo "$(date) Dumping certificates"

+<<<<<<< HEAD
    traefik-certs-dumper file --version ${TRAEFIK_VERSION:-v1} --crt-name "cert" --crt-ext ".pem" --key-name "key" --key-ext ".pem" --domain-subdir --dest /tmp/work --source /traefik/acme.json > /dev/null

    if [[ -f "/tmp/work/${DOMAIN}/cert.pem" && -f "/tmp/work/${DOMAIN}/key.pem" && -f /output/cert.pem && -f /output/key.pem ]] && \
@ -14,6 +15,18 @@ function dump() {
 	echo "$(date) Certificate or key differ, updating"
 	mv "/tmp/work/${DOMAIN}"/*.pem /output/
    fi
+=======
+    # private-keys are rsa, we need pem though
+    for key_file in $(ls /tmp/work/private/*); do
+        pem_file=$(echo $key_file | sed 's/private/pem/g' | sed 's/.key/-private.pem/g')
+        openssl rsa -in $key_file -text > $pem_file
+    done
+
+    echo "$(date) Copying certificates"
+    cp -v /tmp/work/pem/${DOMAIN}-private.pem /output/key.pem
+    # the .crt is a chained-pem, as common for letsencrypt
+    cp -v /tmp/work/certs/${DOMAIN}.crt /output/cert.pem
+>>>>>>> 2c5f9771 (Make certdumper output fullchain-pems)
 }

 mkdir -p /tmp/work