mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
certificates from acme.json
Will extract certificates from acme.json as written by traefik for usage in dovecot and postfix. Also watches acme.json for changes. For this to work the file has to be mounted/present at `/etc/letsencrypt/acme.json`
This commit is contained in:
parent
989f691281
commit
32c732e276
|
@ -1,5 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
. /usr/local/bin/helper_functions.sh
|
||||
|
||||
# create date for log output
|
||||
log_date=$(date +"%Y-%m-%d %H:%M:%S ")
|
||||
echo "${log_date} Start check-for-changes script."
|
||||
|
@ -32,7 +34,7 @@ echo "${log_date} Using postmaster address ${PM_ADDRESS}"
|
|||
|
||||
# Create an array of files to monitor, must be the same as in start-mailserver.sh
|
||||
declare -a cf_files=()
|
||||
for file in postfix-accounts.cf postfix-virtual.cf postfix-aliases.cf dovecot-quotas.cf; do
|
||||
for file in postfix-accounts.cf postfix-virtual.cf postfix-aliases.cf dovecot-quotas.cf /etc/letsencrypt/acme.json; do
|
||||
[ -f "$file" ] && cf_files+=("$file")
|
||||
done
|
||||
|
||||
|
@ -61,6 +63,10 @@ if [[ $chksum == *"FAIL"* ]]; then
|
|||
(
|
||||
flock -e 200
|
||||
|
||||
if [[ $chksum == *"/etc/letsencrypt/acme.json: FAILED"* ]]; then
|
||||
(extractCertsFromAcmeJson "$HOSTNAME" || extractCertsFromAcmeJson "$DOMAINNAME")
|
||||
fi
|
||||
|
||||
#regen postix aliases.
|
||||
echo "root: ${PM_ADDRESS}" > /etc/aliases
|
||||
if [ -f /tmp/docker-mailserver/postfix-aliases.cf ]; then
|
||||
|
|
|
@ -2,36 +2,54 @@
|
|||
|
||||
# expects mask prefix length and the digit
|
||||
function _mask_ip_digit() {
|
||||
if [[ $1 -ge 8 ]]; then
|
||||
MASK=255
|
||||
else
|
||||
if [[ $1 -le 0 ]]; then
|
||||
MASK=0
|
||||
else
|
||||
VALUES=('0' '128' '192' '224' '240' '248' '252' '254' '255')
|
||||
MASK=${VALUES[$1]}
|
||||
fi
|
||||
fi
|
||||
echo $(( $2 & $MASK ))
|
||||
if [[ $1 -ge 8 ]]; then
|
||||
MASK=255
|
||||
else
|
||||
if [[ $1 -le 0 ]]; then
|
||||
MASK=0
|
||||
else
|
||||
VALUES=('0' '128' '192' '224' '240' '248' '252' '254' '255')
|
||||
MASK=${VALUES[$1]}
|
||||
fi
|
||||
fi
|
||||
echo $(($2 & $MASK))
|
||||
}
|
||||
|
||||
# transforms a specific ip with CIDR suffix like 1.2.3.4/16
|
||||
# to subnet with cidr suffix like 1.2.0.0/16
|
||||
function _sanitize_ipv4_to_subnet_cidr() {
|
||||
IP=${1%%/*}
|
||||
PREFIX_LENGTH=${1#*/}
|
||||
IP=${1%%/*}
|
||||
PREFIX_LENGTH=${1#*/}
|
||||
|
||||
# split IP by . into digits
|
||||
DIGITS=(${IP//./ })
|
||||
# split IP by . into digits
|
||||
DIGITS=(${IP//./ })
|
||||
|
||||
# mask digits according to prefix length
|
||||
MASKED_DIGITS=()
|
||||
DIGIT_PREFIX_LENGTH="$PREFIX_LENGTH"
|
||||
for DIGIT in "${DIGITS[@]}" ; do
|
||||
MASKED_DIGITS+=( $(_mask_ip_digit $DIGIT_PREFIX_LENGTH $DIGIT) )
|
||||
DIGIT_PREFIX_LENGTH=$(( $DIGIT_PREFIX_LENGTH - 8 ))
|
||||
done
|
||||
# mask digits according to prefix length
|
||||
MASKED_DIGITS=()
|
||||
DIGIT_PREFIX_LENGTH="$PREFIX_LENGTH"
|
||||
for DIGIT in "${DIGITS[@]}"; do
|
||||
MASKED_DIGITS+=($(_mask_ip_digit $DIGIT_PREFIX_LENGTH $DIGIT))
|
||||
DIGIT_PREFIX_LENGTH=$(($DIGIT_PREFIX_LENGTH - 8))
|
||||
done
|
||||
|
||||
# output masked ip plus prefix length
|
||||
echo ${MASKED_DIGITS[0]}.${MASKED_DIGITS[1]}.${MASKED_DIGITS[2]}.${MASKED_DIGITS[3]}/$PREFIX_LENGTH
|
||||
}
|
||||
# output masked ip plus prefix length
|
||||
echo ${MASKED_DIGITS[0]}.${MASKED_DIGITS[1]}.${MASKED_DIGITS[2]}.${MASKED_DIGITS[3]}/$PREFIX_LENGTH
|
||||
}
|
||||
|
||||
# extracts certificates from acme.json and returns 0 if found
|
||||
function extractCertsFromAcmeJson() {
|
||||
WHAT=$1
|
||||
# sorry for the code-golf :(
|
||||
KEY=$(cat /etc/letsencrypt/acme.json | python -c "import sys,json,itertools; print map(lambda c: c[\"key\"] if (c[\"domain\"][\"main\"]==\"$WHAT\" or \"$WHAT\" in c[\"domain\"][\"sans\"]) else \"\", list(itertools.chain.from_iterable(map(lambda x: x[\"Certificates\"], json.load(sys.stdin).values()))))[0]")
|
||||
CERT=$(cat /etc/letsencrypt/acme.json | python -c "import sys,json,itertools; print map(lambda c: c[\"certificate\"] if (c[\"domain\"][\"main\"]==\"$WHAT\" or \"$WHAT\" in c[\"domain\"][\"sans\"]) else \"\", list(itertools.chain.from_iterable(map(lambda x: x[\"Certificates\"], json.load(sys.stdin).values()))))[0]")
|
||||
|
||||
if [[ -n "${KEY}${CERT}" ]]; then
|
||||
mkdir -p /etc/letsencrypt/live/"$HOSTNAME"/
|
||||
echo $KEY | base64 -d >/etc/letsencrypt/live/"$HOSTNAME"/key.pem || exit 1
|
||||
echo $CERT | base64 -d >/etc/letsencrypt/live/"$HOSTNAME"/fullchain.pem || exit 1
|
||||
echo "Cert found in /etc/letsencrypt/acme.json for $WHAT"
|
||||
return 0
|
||||
else
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
|
|
@ -505,7 +505,7 @@ function _setup_chksum_file() {
|
|||
pushd /tmp/docker-mailserver
|
||||
|
||||
declare -a cf_files=()
|
||||
for file in postfix-accounts.cf postfix-virtual.cf postfix-aliases.cf dovecot-quotas.cf; do
|
||||
for file in postfix-accounts.cf postfix-virtual.cf postfix-aliases.cf dovecot-quotas.cf /etc/letsencrypt/acme.json; do
|
||||
[ -f "$file" ] && cf_files+=("$file")
|
||||
done
|
||||
|
||||
|
@ -1048,6 +1048,8 @@ function _setup_ssl() {
|
|||
local LETSENCRYPT_DOMAIN=""
|
||||
local LETSENCRYPT_KEY=""
|
||||
|
||||
[[ -f /etc/letsencrypt/acme.json ]] && (extractCertsFromAcmeJson "$HOSTNAME" || extractCertsFromAcmeJson "$DOMAINNAME")
|
||||
|
||||
# first determine the letsencrypt domain by checking both the full hostname or just the domainname if a SAN is used in the cert
|
||||
if [ -e "/etc/letsencrypt/live/$HOSTNAME/fullchain.pem" ]; then
|
||||
LETSENCRYPT_DOMAIN=$HOSTNAME
|
||||
|
|
31
test/config/letsencrypt/acme-changed.json
Normal file
31
test/config/letsencrypt/acme-changed.json
Normal file
|
@ -0,0 +1,31 @@
|
|||
{
|
||||
"le": {
|
||||
"Account": {
|
||||
"Email": "acme@admin.com",
|
||||
"Registration": {
|
||||
"body": {
|
||||
"status": "valid",
|
||||
"contact": [
|
||||
"mailto:acme@admin.com"
|
||||
]
|
||||
},
|
||||
"uri": "https://acme-v02.api.letsencrypt.org/acme/acct/0123456789"
|
||||
},
|
||||
"PrivateKey": "YES",
|
||||
"KeyType": "4096"
|
||||
},
|
||||
"Certificates": [
|
||||
{
|
||||
"domain": {
|
||||
"main": "mail.my-domain.com",
|
||||
"sans": [
|
||||
"mail2.my-domain.com"
|
||||
]
|
||||
},
|
||||
"certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM1RENDQWN5Z0F3SUJBZ0lKQU4vKzNMTVF2bnYxTUEwR0NTcUdTSWIzRFFFQkN3VUFNQkl4RURBT0JnTlYKQkFNTUIzUmxjM1F0WTJFd0hoY05NakF3TmpJNU1qQTFOVEl4V2hjTk1qQXdPREk0TWpBMU5USXhXakFXTVJRdwpFZ1lEVlFRRERBdGxlR0Z0Y0d4bExtTnZiVENDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DCmdnRUJBTDVVTmc3eWJyWG9DSW5teFErZjM4KytzTEVjZ0c2UDBYK2ZhSDExQnc0N1Z0K21mMXZsdEloN29qTzgKRGVYcUZ4c0dMM1MvWXF5dVhYMFRHSU9oL2Nzam52djFHRUwxVXgwWUNzeUZrdmZsYjhOdVNLVzUyVDBkblVxRgpaRndsZHlrQ3dIblF4bXdZWnhuWmpWRjJZT3IvS21HWnZPNWR4U1RzL3FEdVUwY3AzRkQ0ejJDQkVMTG16aXh2CmZPMkxnazFZbi9IOW1OTE5TS1FhaVNlQ3hJZDVDek5JbG1VSWZuTDB0dWMzbjJmTmlnanVQS09WMkgvN05WVFQKVHJpdVAzODRieDlXVExmWDI5Y24rSG80aEtCYXEydDFXbXoranNXaTFneWExS3JMQU00enpRSEkrdTZyMytqUwozUHNSVnMxY3N5TzJOQ1hxVm8vYnhxZTM4K3NDQXdFQUFhTTVNRGN3Q1FZRFZSMFRCQUl3QURBTEJnTlZIUThFCkJBTUNCZUF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdJR0NDc0dBUVVGQndNQk1BMEdDU3FHU0liM0RRRUIKQ3dVQUE0SUJBUUFrbUhIVGFaOGhpU3RvQS9YWWpHWGtIVDVEQmpqT2hSbTNtbWRDRit4aGJVY2ovZnJ3QlluMAphcEFHZk5TR3ErUEpUZ1Zkc1pVQUMrc09meFJtZTNGalU1Z0Fla2VJRGpPUU1kMVZiZG1jSVd0bkorVHR6OTRGClFtNVY3RGY4a1ZrY3FFNlV2dlh5WDNZRUZqMi9md2I0aHh5eWwvZkFXbDVhY1dUTE5BMm1PS20vZk1oS2V6K2gKM1ZHaEtRNVpHUzBRdCtMZWEzbzdMV3M1ZEg1TGhTdnMzRmU5UFNkZHhhME5idHI0c2ZnZk9JUUpnbzJtQ3ZjaAp1NXpGcTdudkRxZHNtZFp3WU1JY2lucFBXSmdFb1FMSldVL2dXTDJZYSs1a0oxMzdzbVBjWVg3akRTeUJIbGtRCm9BWU9CNjVZbm9XeFZ1UXRLcUhXNmY4bnFEMW53RUJuCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM5ekNDQWQrZ0F3SUJBZ0lKQVAvNDFhc0srSTNCTUEwR0NTcUdTSWIzRFFFQkN3VUFNQkl4RURBT0JnTlYKQkFNTUIzUmxjM1F0WTJFd0hoY05NakF3TmpJNU1qQTFOVEl4V2hjTk1qQXdPREk0TWpBMU5USXhXakFTTVJBdwpEZ1lEVlFRRERBZDBaWE4wTFdOaE1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBCmt6bE9GM1E4d3Q2RzhNOENnKy9VQURsa2JPVW5CbGJDd2xSbnFTcnZyWDdCUmMzN1IxWStLenNNbUdna1BrdkUKY3padVdiT1FVOGdoblFKd1NIVC9BSzFnNWpNYzdtWkxTa0UrdVZNb3I0KzRWZ3Q0a0t2Zmt0emNDSk9mby9xTApYVjJlUFJnVmxIaitwZWlscUhNTThQMDNWUHg2a3E3b1pFMXBCbGg0UXlMejdEWWNQNkFEM0JxL0hTTTVobXZQCmlIYkNIeTZ5ZitRc3VCcWFXQ2VjMXlnYzlHUG55RFhRb0RSQXdsY0EwYVZTU29zYzZIZVZRb0RCUFR6WlVyaU0KcmlxUEszWVQ0TEdFSDZuVHgzUlV0anVHOFpkR3pwZ3V3OS95MHRjY3Q3NzdXTEZJZXVCUWttWmlNRzNYZWl2dQpUYmZIQ2JxSkNPNTNmc2JLMENyekVRSURBUUFCbzFBd1RqQWRCZ05WSFE0RUZnUVV4bzZOWFJpMzlReEpuWlpECnZieGNvK20yVTdZd0h3WURWUjBqQkJnd0ZvQVV4bzZOWFJpMzlReEpuWlpEdmJ4Y28rbTJVN1l3REFZRFZSMFQKQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBT0JLTUcyYWFaK2YyR2F6ZHRxNytJbFJNM1lGdgppbkY1dWFaM2JxQytwS0RiMXdaSkx6V2dIVmdOU0dYZXRIUEthOVFweVFxRWUvYllNSzdhdkpvLy9GbWhnMCszClN3STJnOUJvSVBCZDRqSUJZNDFoL3pyeVRZNFBMeC9OcWFwV1I0LzNuRFBKM1NTTUhaNEpnUDhHVFhsem1GNmoKNFVnd1JyTEZRZDBaWllORFJvOGJaZVVFcVg3MGswRXFZOVF4QmpKZ1V6VnlXWWpQKy9TZVhBQkp5UHY3bHpSTgpudktqM0Y5MWVOZnFmOFkrV2RkdkI4am4zTFhvazRTaUZ6eEVTZkozblZPZ3dwOFNQaGhUU2hiWFFhajQ4Rng4Cm82VEdNOXV0UHROOXFJTnd2cXlySzRsVXdLajZZTHlUa1YxMG9WZ3RKWWh5eUhWVmw3SmhjOFVJTXc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==",
|
||||
"key": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBdmxRMkR2SnV0ZWdJaWViRkQ1L2Z6NzZ3c1J5QWJvL1JmNTlvZlhVSERqdFczNlovClcrVzBpSHVpTTd3TjVlb1hHd1l2ZEw5aXJLNWRmUk1ZZzZIOXl5T2UrL1VZUXZWVEhSZ0t6SVdTOStWdncyNUkKcGJuWlBSMmRTb1ZrWENWM0tRTEFlZERHYkJobkdkbU5VWFpnNnY4cVlabTg3bDNGSk96K29PNVRSeW5jVVBqUApZSUVRc3ViT0xHOTg3WXVDVFZpZjhmMlkwczFJcEJxSko0TEVoM2tMTTBpV1pRaCtjdlMyNXplZlo4MktDTzQ4Cm81WFlmL3MxVk5OT3VLNC9memh2SDFaTXQ5ZmIxeWY0ZWppRW9GcXJhM1ZhYlA2T3hhTFdESnJVcXNzQXpqUE4KQWNqNjdxdmY2TkxjK3hGV3pWeXpJN1kwSmVwV2o5dkdwN2Z6NndJREFRQUJBb0lCQVFDdWZoNGhqZm9hSStUUQpLUlk1d09VOFhTTTQvVnh5QU1DZE5OUmpVTXRyTE5QMHIzek1EOGgzNklGSTFQd1k4WWpGYWVKUU1yYVFnanVMCjA5b0J0SjR0Z3piYTRGV2g3YkNKVitWdXBIZWRkbWdFMERNaVhVVGhWeWxCalJINXVRK0tOYytvM3ROTGZ3UG4KR3lFSXNuTWdmMWVucTM4Zk9qRG9MYTgwYzhzOXpYaEh0Wng5SlF6RFViUXIrRE5UUzBSTFA1Mk1JL3BYR0MrZwpUMjI1c1ZWMzl1cVFGY2NIRUNhY0xEYlllNUVoelJpMlBOQTk4Zkh0Ty9sQVA5amp2UWlNY2NyMEtqanpFSGxTCmxvRnMxL3kvdkNBby9rVGhxaEtMLzBUM3FkaUcrWU5zbmUrVGh5Mnh4NVczN1lNR0l0ZTlmKzV5bVRtYitsZ2IKZlU2L2kydGhBb0dCQVBPNlVydDUwaDN2SjJtLytNRkNrb2tjYTE5NWs5c1lPMVJNa1RZSFBaNW40K25UdTMybwpSREt1L0t3T2dseTljcDAwUW44WEljRGk3TXV0OE1LN1JHdjFXeVpWbGJYMStMMzFGVCtjL045NnJIQmE1U0hJCm5oZFRMQkxQVG1iNk9PUFNXWEVIbDAwdnNsdEFsdXRJcnVmanpvd0V0Z3B0T2hZTzhhNjA4aWh2QW9HQkFNZnAKa2l1LzBibDdjUWdZZmdmSWZ5YzJpTU9aU0RseVRFRThxZmhWa1NWNFg3bDNycXk3eUNQNEc1MXBaQ1dWcDl6WQo4UzNtYmlDM3hYVjZpTzVQeGVoS1ZmdnFySXF6MnpaWDhTRjFhMUwzekRGQ3BFNkdmUHB5Uk1uK01hLy84b3haCmRwdGV6WlRCMVJtUDd6UndIVGJrSXhjU3NuYkVUOWNuZDc1ck9OSkZBb0dCQU0wQm0xZFFONW13TU5HMWhQSmkKSWNtc212QTYzbEE2eUtTMnBxbndXemNqb2NScnNWZ1hzZzJEdk1xb2hhU21RWUxUazE4OVFNbnkxa1RZY1J3SwowcG1RVG5Rbkp2OWYvek1ndEJmRzM3akdnY2NiM1lHV01zdmh6TCtobWd2cVN2SHVYQWRENEZNdlhIRi9HYktjCmQycGI1cjlGc3kyQUJJekxVeVNsMU02SEFvR0FCQUxneHZYelhGaG92VFBZbTRsZlc4Y1JXWE5pNnB3cmdZZVoKRlgyS0N3bHVTa2RuZnRuSnUwY0lMdEZsakFlRHRiKzRueVluZ1lxT2NMd0RzVnh5YVNYTXNlQlVrL2ZsNXlJKwptV0JFeGdabzEzZ3gyYzJEQm5keWYrY1UwaVk5bEtsYTR1VTFGTTRLMjVkeXdrZVpubmRYYU9nY0lwdnZ5aTVsCmpiR1RFMDBDZ1lBVCtVTm9tcDhKbW01YXFDME1kc050OW13T0tMVnRDazFZei9YODVQbVNpU1p4eG11cThVNXUKYThvYUovTm1tTXBZc1JHOXB5NW1JZ0RXSDFicnlPWlA3YVB0T0lWWnBZSDc3cU1ySjR2RmJ6MkphQTFiMWlySgoyMkhkajFYRDdMdjJ1cXQ3UVVsYU5RY3VrSkZJSE94WVJOWUNobEpuSUVmMmU3MGpkbEN4TGc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=",
|
||||
"Store": "default"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
31
test/config/letsencrypt/acme.json
Normal file
31
test/config/letsencrypt/acme.json
Normal file
|
@ -0,0 +1,31 @@
|
|||
{
|
||||
"le": {
|
||||
"Account": {
|
||||
"Email": "acme@admin.com",
|
||||
"Registration": {
|
||||
"body": {
|
||||
"status": "valid",
|
||||
"contact": [
|
||||
"mailto:acme@admin.com"
|
||||
]
|
||||
},
|
||||
"uri": "https://acme-v02.api.letsencrypt.org/acme/acct/0123456789"
|
||||
},
|
||||
"PrivateKey": "YES",
|
||||
"KeyType": "4096"
|
||||
},
|
||||
"Certificates": [
|
||||
{
|
||||
"domain": {
|
||||
"main": "mail.my-domain.com",
|
||||
"sans": [
|
||||
"mail2.my-domain.com"
|
||||
]
|
||||
},
|
||||
"certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZHVENDQkFHZ0F3SUJBZ0lTQTUwamo2QS9pbEV4TWxhNDFQd1NlanlCTUEwR0NTcUdTSWIzRFFFQkN3VUEKTUVveEN6QUpCZ05WQkFZVEFsVlRNUll3RkFZRFZRUUtFdzFNWlhRbmN5QkZibU55ZVhCME1TTXdJUVlEVlFRRApFeHBNWlhRbmN5QkZibU55ZVhCMElFRjFkR2h2Y21sMGVTQllNekFlRncweE5qQTBNVGt4T1RBMU1EQmFGdzB4Ck5qQTNNVGd4T1RBMU1EQmFNQlV4RXpBUkJnTlZCQU1UQ21sbWRYTnBieTVqYjIwd2dnRWlNQTBHQ1NxR1NJYjMKRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFDY0NsZitQZWUxRUl0ZG5qYWdPVVF1d0E0U0xMaUtDZjVUKzJFYwpCUG53TUdLdERiL1RCV2M4S0VIUUd4WUNkdGFtRmNpVCtPWFVsSkdqUEdFbmE0REFLQU5pNW5qbXErVFFGYjdKCmlwQTdwZlE0ZnAvMk9xRzNlNlN3TnZXdXJKbEhJaWdpTGUxbGJjKzdydC81aG9uN0p3bjI2MHgvWGFQSFhSa1UKQWl5NUZTRFZlWG5uQ0w1UU91NXNybkhyZFRsV3BFbno5V1V2WUNqM0RNUjM4Z3hvam5tcGo0OGFNUlJ0ckJBTwpObHhUOVRzc0hvS3ZEWEkxYkViZWIydHBtQy8ra1JQdXNJdWtpdWNjM0ZvOVIvc0hYakZrRDdtSzJVTWIwVUxFCkJHMkQ0d3dFSU5VU0czQjN3c3UwZXl3QWxrcFgxVWNGemRGVHRzalU3VjJhMDZqQkFnTUJBQUdqZ2dJc01JSUMKS0RBT0JnTlZIUThCQWY4RUJBTUNCYUF3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQwpNQXdHQTFVZEV3RUIvd1FDTUFBd0hRWURWUjBPQkJZRUZPS3FSbktUZDJhZFdEK1NuZFNaVkZQc0xWSmtNQjhHCkExVWRJd1FZTUJhQUZLaEthbU1FZmQyNjV0RTV0NlpGWmUvenFPeWhNSEFHQ0NzR0FRVUZCd0VCQkdRd1lqQXYKQmdnckJnRUZCUWN3QVlZamFIUjBjRG92TDI5amMzQXVhVzUwTFhnekxteGxkSE5sYm1OeWVYQjBMbTl5Wnk4dwpMd1lJS3dZQkJRVUhNQUtHSTJoMGRIQTZMeTlqWlhKMExtbHVkQzE0TXk1c1pYUnpaVzVqY25sd2RDNXZjbWN2Ck1EWUdBMVVkRVFRdk1DMkNDbWxtZFhOcGJ5NWpiMjJDRDIxaGFXd3VhV1oxYzJsdkxtTnZiWUlPZDNkM0xtbG0KZFhOcGJ5NWpiMjB3Z2Y0R0ExVWRJQVNCOWpDQjh6QUlCZ1puZ1F3QkFnRXdnZVlHQ3lzR0FRUUJndDhUQVFFQgpNSUhXTUNZR0NDc0dBUVVGQndJQkZocG9kSFJ3T2k4dlkzQnpMbXhsZEhObGJtTnllWEIwTG05eVp6Q0Jxd1lJCkt3WUJCUVVIQWdJd2daNE1nWnRVYUdseklFTmxjblJwWm1sallYUmxJRzFoZVNCdmJteDVJR0psSUhKbGJHbGwKWkNCMWNHOXVJR0o1SUZKbGJIbHBibWNnVUdGeWRHbGxjeUJoYm1RZ2IyNXNlU0JwYmlCaFkyTnZjbVJoYm1ObApJSGRwZEdnZ2RHaGxJRU5sY25ScFptbGpZWFJsSUZCdmJHbGplU0JtYjNWdVpDQmhkQ0JvZEhSd2N6b3ZMMnhsCmRITmxibU55ZVhCMExtOXlaeTl5WlhCdmMybDBiM0o1THpBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQWd6ZjkKRFZDZFZ0S3ZsbUdlVDJwdUhVNVVMZjN0L0pENk5MM29jdUJNc0RRUE9IeGE2a2t5ZDZ4cWRCQWVsTlNmRVl2KwpCVmZRcDZXb3gySUdyd2ZxcXZOTnpQR1RITHhTcEs5NEdrMGVlZzdZaGN4am9Pcnl2NEZnb3dRT2F4NUowT1NTCldJZEFGVnlrUHM4N1dLeUhOWThXMXpsZS9ZZTl5alM2YmpIZGpxbk9pRy83cURRL0REWUduN0lMSEFIbVVaWXkKMVFRMEVkZmZOa0xwa21DblRub3RnQlVwcW1EdDdwTU5aUnVZRlRRcTYzMWloZTdqUlhqU2tnV1M3dFRmVVQxNQpTZXNVSW8xTmJqQ0ptQmNlRmQyYy9zcmdWbGJXYzJMWHQ3UWY1eXhXSnloVDE2ci9NN29rMGJ0SDI1RDVhemsyClRLZG5xL1FGaEhXVlpVcjNoZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVrakNDQTNxZ0F3SUJBZ0lRQ2dGQlFnQUFBVk9GYzJvTGhleW5DREFOQmdrcWhraUc5dzBCQVFzRkFEQS8KTVNRd0lnWURWUVFLRXh0RWFXZHBkR0ZzSUZOcFoyNWhkSFZ5WlNCVWNuVnpkQ0JEYnk0eEZ6QVZCZ05WQkFNVApEa1JUVkNCU2IyOTBJRU5CSUZnek1CNFhEVEUyTURNeE56RTJOREEwTmxvWERUSXhNRE14TnpFMk5EQTBObG93ClNqRUxNQWtHQTFVRUJoTUNWVk14RmpBVUJnTlZCQW9URFV4bGRDZHpJRVZ1WTNKNWNIUXhJekFoQmdOVkJBTVQKR2t4bGRDZHpJRVZ1WTNKNWNIUWdRWFYwYUc5eWFYUjVJRmd6TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQwpBUThBTUlJQkNnS0NBUUVBbk5NTThGcmxMa2UzY2wwM2c3Tm9ZekRxMXpVbUdTWGh2YjQxOFhDU0w3ZTRTMEVGCnE2bWVOUWhZN0xFcXhHaUhDNlBqZGVUbTg2ZGljYnA1Z1dBZjE1R2FuL1BRZUdkeHlHa09sWkhQL3VhWjZXQTgKU014K3lrMTNFaVNkUnh0YTY3bnNIamNBSEp5c2U2Y0Y2czVLNjcxQjVUYVl1Y3Y5YlR5V2FOOGpLa0tRRElaMApaOGgvcFpxNFVtRVVFejlsNllLSHk5djZEbGIyaG9uemhUK1hocSt3M0JydmF3MlZGbjNFSzZCbHNwa0VObldBCmE2eEs4eHVRU1hndm9wWlBLaUFsS1FUR2RNRFFNYzJQTVRpVkZycW9NN2hEOGJFZnd6Qi9vbmt4RXowdE52amoKL1BJemFyazVNY1d2eEkwTkhXUVdNNnI2aENtMjFBdkEySDNEa3dJREFRQUJvNElCZlRDQ0FYa3dFZ1lEVlIwVApBUUgvQkFnd0JnRUIvd0lCQURBT0JnTlZIUThCQWY4RUJBTUNBWVl3ZndZSUt3WUJCUVVIQVFFRWN6QnhNRElHCkNDc0dBUVVGQnpBQmhpWm9kSFJ3T2k4dmFYTnlaeTUwY25WemRHbGtMbTlqYzNBdWFXUmxiblJ5ZFhOMExtTnYKYlRBN0JnZ3JCZ0VGQlFjd0FvWXZhSFIwY0RvdkwyRndjSE11YVdSbGJuUnlkWE4wTG1OdmJTOXliMjkwY3k5awpjM1J5YjI5MFkyRjRNeTV3TjJNd0h3WURWUjBqQkJnd0ZvQVV4S2V4cEhzc2NmcmI0VXVRZGYvRUZXQ0ZpUkF3ClZBWURWUjBnQkUwd1N6QUlCZ1puZ1F3QkFnRXdQd1lMS3dZQkJBR0MzeE1CQVFFd01EQXVCZ2dyQmdFRkJRY0MKQVJZaWFIUjBjRG92TDJOd2N5NXliMjkwTFhneExteGxkSE5sYm1OeWVYQjBMbTl5WnpBOEJnTlZIUjhFTlRBegpNREdnTDZBdGhpdG9kSFJ3T2k4dlkzSnNMbWxrWlc1MGNuVnpkQzVqYjIwdlJGTlVVazlQVkVOQldETkRVa3d1ClkzSnNNQjBHQTFVZERnUVdCQlNvU21wakJIM2R1dWJST2JlbVJXWHY4Nmpzb1RBTkJna3Foa2lHOXcwQkFRc0YKQUFPQ0FRRUEzVFBYRWZOaldEamRHQlg3Q1ZXK2RsYTVjRWlsYVVjbmU4SWtDSkx4V2g5S0VpazNKSFJSSEdKbwp1TTJWY0dmbDk2UzhUaWhSelp2b3JvZWQ2dGk2V3FFQm10enczV29kYXRnK1Z5T2VwaDRFWXByLzF3WEt0eDgvCndBcEl2SlN3dG1WaTRNRlU1YU1xclNERTZlYTczTWoydGNNeW81ak1kNmptZVdVSEs4c28vam9XVW9IT1Vnd3UKWDRQbzFRWXorM2RzemtEcU1wNGZrbHhCd1hSc1cxMEtYelBNVForc09QQXZleXhpbmRtamtXOGxHeStRc1JsRwpQZlorRzZaNmg3bWplbTBZK2lXbGtZY1Y0UElXTDFpd0JpOHNhQ2JHUzVqTjJwOE0rWCtRN1VOS0VrUk9iM042CktPcWtxbTU3VEgySDNlREpBa1NuaDYvRE5GdTBRZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=",
|
||||
"key": "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2Z0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktnd2dnU2tBZ0VBQW9JQkFRQ2NDbGYrUGVlMUVJdGQKbmphZ09VUXV3QTRTTExpS0NmNVQrMkVjQlBud01HS3REYi9UQldjOEtFSFFHeFlDZHRhbUZjaVQrT1hVbEpHagpQR0VuYTREQUtBTmk1bmptcStUUUZiN0ppcEE3cGZRNGZwLzJPcUczZTZTd052V3VySmxISWlnaUxlMWxiYys3CnJ0LzVob243SnduMjYweC9YYVBIWFJrVUFpeTVGU0RWZVhubkNMNVFPdTVzcm5IcmRUbFdwRW56OVdVdllDajMKRE1SMzhneG9qbm1wajQ4YU1SUnRyQkFPTmx4VDlUc3NIb0t2RFhJMWJFYmViMnRwbUMvK2tSUHVzSXVraXVjYwozRm85Ui9zSFhqRmtEN21LMlVNYjBVTEVCRzJENHd3RUlOVVNHM0Izd3N1MGV5d0Fsa3BYMVVjRnpkRlR0c2pVCjdWMmEwNmpCQWdNQkFBRUNnZ0VBTStjQTQ5RmxqQVdIeGNrRmRILzMzUEVHL1NhZzcxRnBwamVjVW55WlFqcGwKNkJnRnNVUS8xWE95aUcwcUFnSFRYZ1VxNVlWSnRVOEJybUU4RTZlZmVNc1diVVFwL05nNlVMaWE4R0RGbndHUgpYV1ZKQWRiNHlaWTM3bUVwa1VOWjdKNUE2VFdMbkV4Tlo2bEFXTGhXbHhLaUx0NlBZR0llUXdjRmUzRkp2UG4wCkdVU0ZZWFlMSnE5bElpclF2bDZsVnpsanBQNnF2RlFFcWE0ZGdXcUJPckMyL2pMNGFtS0s3MU4yM3NGbnowc1EKVXFqUDcyYzdOcis0eE1PaHNHZXRWMW1ZZ1BxQW9SNVczWFpScURQZVo2ZjBGSjdMNXhHNjlZSmVvN01yWGhLbApOOWtMaGJHUi9GSDNJSGRvN3RSYjJvR21IRExOSmY5ei9tQkVlclNXMFFLQmdRRFBIQ2M1OXRDd21GMVVWNGVWCmZoUm9xNFF5cDh3RjJJdEpUTWQxMkxKT1g2N2VOSnk2djkzQWh1YVBnS3Ava1JNdWw1WmpMOTBVVjFJU2wvbHoKZVl6Z3JlTXR0Q3RSaFp4VVN2Qm82dzMyTlNhY29pS2Nab2p5VGR5WlB1T2VBRzJSeE5IaCtuK05aN05qSVd2Rwo3eGxXOUhYUU9QaTh4bEhwRGZEcys3RWdYUUtCZ1FEQTRBSmxvcjIyZEV4R3VET0xsTzBldCtUVmhFcnFYRlNaCkN0Um13c0wrWFRlU0t5bmdaY3l1MVlueW9OT0E5dkd5T2syNkFXK1dWOU45VTZyd1ZzOENWY3plZTVlS1BaSk4KeFFaalVvK2ZlcDN4SUZ2QnBnbmFkZnJvZHhqRDhYTXBIY2IwSS9aUklDWktxSVZ2OXErRnpFWHFFK0hzZkQzQgprQmZaOEdaenRRS0JnRVZTZHc2L3ZqcGR4Vjlsck13czEwZnhvTjRUckFhSTVKWTBUTTcxS1RseWJXV1MxcUxyCmRaM3JpV0NmQUhLU2JJazcwK3AvS3RDVUtiUnZpZDlNNEFxVUtXWXkyQTBCVzhJYkV6MEs4REZvdVBQVWtTRW8KY000cG9aenBuK1pTM2xuY055UWNaSFZBTUpzTnBMV0Jja25ZcVZaNHUwajBXSlpaUkRzT1E4dEJBb0dCQUsycApCSDkraUZJL1pHNUliQ0RCZHI2eDFOaHF4UWsvR095elU0c3kwVjgxajFPTWlhZ0NBTWxxZTBwNmcvVWFZNFNWCittWC81UGo1R3ZNODRpeUQvTitkWVZqdzd3RUpiekdXdEttNUxKZnJUMHBNV0ZHRHJsdUUzdVZ3Vmx3V2lobjcKTmFlY3VhdFJ4eWh4azdPNzZVNFBIdVFrQXNkckZpK3lEY2V0TEpJQkFvR0JBSkhVTXR0S1E5L3NjNkVZZ2R5bQp1OGhNaS9XR3J0NWVPT0FKMTdsWTUzZVJaTGNpN3MxbWZzV0lGOWIwTjUwaUU2MFNhRkFEUWlNUkFVdGtKWE5JCmE1NXFkcGFsVkhzQUU0V3doN25sS0xrYURFYXJ0eDVYMXFTVEZ3NGZUTXlLTk92ZWlnZ1EvaTlMWnBGeHN6MjIKM1YrN2pQSmFDTnlQYm1PZXZYR2hCRWpyCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0=",
|
||||
"Store": "default"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
18
test/config/letsencrypt/changed/cert.pem
Normal file
18
test/config/letsencrypt/changed/cert.pem
Normal file
|
@ -0,0 +1,18 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIC5DCCAcygAwIBAgIJAN/+3LMQvnv1MA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
|
||||
BAMMB3Rlc3QtY2EwHhcNMjAwNjI5MjA1NTIxWhcNMjAwODI4MjA1NTIxWjAWMRQw
|
||||
EgYDVQQDDAtleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
|
||||
ggEBAL5UNg7ybrXoCInmxQ+f38++sLEcgG6P0X+faH11Bw47Vt+mf1vltIh7ojO8
|
||||
DeXqFxsGL3S/YqyuXX0TGIOh/csjnvv1GEL1Ux0YCsyFkvflb8NuSKW52T0dnUqF
|
||||
ZFwldykCwHnQxmwYZxnZjVF2YOr/KmGZvO5dxSTs/qDuU0cp3FD4z2CBELLmzixv
|
||||
fO2Lgk1Yn/H9mNLNSKQaiSeCxId5CzNIlmUIfnL0tuc3n2fNigjuPKOV2H/7NVTT
|
||||
TriuP384bx9WTLfX29cn+Ho4hKBaq2t1Wmz+jsWi1gya1KrLAM4zzQHI+u6r3+jS
|
||||
3PsRVs1csyO2NCXqVo/bxqe38+sCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8E
|
||||
BAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEB
|
||||
CwUAA4IBAQAkmHHTaZ8hiStoA/XYjGXkHT5DBjjOhRm3mmdCF+xhbUcj/frwBYn0
|
||||
apAGfNSGq+PJTgVdsZUAC+sOfxRme3FjU5gAekeIDjOQMd1VbdmcIWtnJ+Ttz94F
|
||||
Qm5V7Df8kVkcqE6UvvXyX3YEFj2/fwb4hxyyl/fAWl5acWTLNA2mOKm/fMhKez+h
|
||||
3VGhKQ5ZGS0Qt+Lea3o7LWs5dH5LhSvs3Fe9PSddxa0Nbtr4sfgfOIQJgo2mCvch
|
||||
u5zFq7nvDqdsmdZwYMIcinpPWJgEoQLJWU/gWL2Ya+5kJ137smPcYX7jDSyBHlkQ
|
||||
oAYOB65YnoWxVuQtKqHW6f8nqD1nwEBn
|
||||
-----END CERTIFICATE-----
|
36
test/config/letsencrypt/changed/fullchain.pem
Normal file
36
test/config/letsencrypt/changed/fullchain.pem
Normal file
|
@ -0,0 +1,36 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIC5DCCAcygAwIBAgIJAN/+3LMQvnv1MA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
|
||||
BAMMB3Rlc3QtY2EwHhcNMjAwNjI5MjA1NTIxWhcNMjAwODI4MjA1NTIxWjAWMRQw
|
||||
EgYDVQQDDAtleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
|
||||
ggEBAL5UNg7ybrXoCInmxQ+f38++sLEcgG6P0X+faH11Bw47Vt+mf1vltIh7ojO8
|
||||
DeXqFxsGL3S/YqyuXX0TGIOh/csjnvv1GEL1Ux0YCsyFkvflb8NuSKW52T0dnUqF
|
||||
ZFwldykCwHnQxmwYZxnZjVF2YOr/KmGZvO5dxSTs/qDuU0cp3FD4z2CBELLmzixv
|
||||
fO2Lgk1Yn/H9mNLNSKQaiSeCxId5CzNIlmUIfnL0tuc3n2fNigjuPKOV2H/7NVTT
|
||||
TriuP384bx9WTLfX29cn+Ho4hKBaq2t1Wmz+jsWi1gya1KrLAM4zzQHI+u6r3+jS
|
||||
3PsRVs1csyO2NCXqVo/bxqe38+sCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8E
|
||||
BAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEB
|
||||
CwUAA4IBAQAkmHHTaZ8hiStoA/XYjGXkHT5DBjjOhRm3mmdCF+xhbUcj/frwBYn0
|
||||
apAGfNSGq+PJTgVdsZUAC+sOfxRme3FjU5gAekeIDjOQMd1VbdmcIWtnJ+Ttz94F
|
||||
Qm5V7Df8kVkcqE6UvvXyX3YEFj2/fwb4hxyyl/fAWl5acWTLNA2mOKm/fMhKez+h
|
||||
3VGhKQ5ZGS0Qt+Lea3o7LWs5dH5LhSvs3Fe9PSddxa0Nbtr4sfgfOIQJgo2mCvch
|
||||
u5zFq7nvDqdsmdZwYMIcinpPWJgEoQLJWU/gWL2Ya+5kJ137smPcYX7jDSyBHlkQ
|
||||
oAYOB65YnoWxVuQtKqHW6f8nqD1nwEBn
|
||||
-----END CERTIFICATE-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIC9zCCAd+gAwIBAgIJAP/41asK+I3BMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
|
||||
BAMMB3Rlc3QtY2EwHhcNMjAwNjI5MjA1NTIxWhcNMjAwODI4MjA1NTIxWjASMRAw
|
||||
DgYDVQQDDAd0ZXN0LWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
|
||||
kzlOF3Q8wt6G8M8Cg+/UADlkbOUnBlbCwlRnqSrvrX7BRc37R1Y+KzsMmGgkPkvE
|
||||
czZuWbOQU8ghnQJwSHT/AK1g5jMc7mZLSkE+uVMor4+4Vgt4kKvfktzcCJOfo/qL
|
||||
XV2ePRgVlHj+peilqHMM8P03VPx6kq7oZE1pBlh4QyLz7DYcP6AD3Bq/HSM5hmvP
|
||||
iHbCHy6yf+QsuBqaWCec1ygc9GPnyDXQoDRAwlcA0aVSSosc6HeVQoDBPTzZUriM
|
||||
riqPK3YT4LGEH6nTx3RUtjuG8ZdGzpguw9/y0tcct777WLFIeuBQkmZiMG3Xeivu
|
||||
TbfHCbqJCO53fsbK0CrzEQIDAQABo1AwTjAdBgNVHQ4EFgQUxo6NXRi39QxJnZZD
|
||||
vbxco+m2U7YwHwYDVR0jBBgwFoAUxo6NXRi39QxJnZZDvbxco+m2U7YwDAYDVR0T
|
||||
BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAOBKMG2aaZ+f2Gazdtq7+IlRM3YFv
|
||||
inF5uaZ3bqC+pKDb1wZJLzWgHVgNSGXetHPKa9QpyQqEe/bYMK7avJo//Fmhg0+3
|
||||
SwI2g9BoIPBd4jIBY41h/zryTY4PLx/NqapWR4/3nDPJ3SSMHZ4JgP8GTXlzmF6j
|
||||
4UgwRrLFQd0ZZYNDRo8bZeUEqX70k0EqY9QxBjJgUzVyWYjP+/SeXABJyPv7lzRN
|
||||
nvKj3F91eNfqf8Y+WddvB8jn3LXok4SiFzxESfJ3nVOgwp8SPhhTShbXQaj48Fx8
|
||||
o6TGM9utPtN9qINwvqyrK4lUwKj6YLyTkV10oVgtJYhyyHVVl7Jhc8UIMw==
|
||||
-----END CERTIFICATE-----
|
27
test/config/letsencrypt/changed/key.pem
Normal file
27
test/config/letsencrypt/changed/key.pem
Normal file
|
@ -0,0 +1,27 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAvlQ2DvJutegIiebFD5/fz76wsRyAbo/Rf59ofXUHDjtW36Z/
|
||||
W+W0iHuiM7wN5eoXGwYvdL9irK5dfRMYg6H9yyOe+/UYQvVTHRgKzIWS9+Vvw25I
|
||||
pbnZPR2dSoVkXCV3KQLAedDGbBhnGdmNUXZg6v8qYZm87l3FJOz+oO5TRyncUPjP
|
||||
YIEQsubOLG987YuCTVif8f2Y0s1IpBqJJ4LEh3kLM0iWZQh+cvS25zefZ82KCO48
|
||||
o5XYf/s1VNNOuK4/fzhvH1ZMt9fb1yf4ejiEoFqra3VabP6OxaLWDJrUqssAzjPN
|
||||
Acj67qvf6NLc+xFWzVyzI7Y0JepWj9vGp7fz6wIDAQABAoIBAQCufh4hjfoaI+TQ
|
||||
KRY5wOU8XSM4/VxyAMCdNNRjUMtrLNP0r3zMD8h36IFI1PwY8YjFaeJQMraQgjuL
|
||||
09oBtJ4tgzba4FWh7bCJV+VupHeddmgE0DMiXUThVylBjRH5uQ+KNc+o3tNLfwPn
|
||||
GyEIsnMgf1enq38fOjDoLa80c8s9zXhHtZx9JQzDUbQr+DNTS0RLP52MI/pXGC+g
|
||||
T225sVV39uqQFccHECacLDbYe5EhzRi2PNA98fHtO/lAP9jjvQiMccr0KjjzEHlS
|
||||
loFs1/y/vCAo/kThqhKL/0T3qdiG+YNsne+Thy2xx5W37YMGIte9f+5ymTmb+lgb
|
||||
fU6/i2thAoGBAPO6Urt50h3vJ2m/+MFCkokca195k9sYO1RMkTYHPZ5n4+nTu32o
|
||||
RDKu/KwOgly9cp00Qn8XIcDi7Mut8MK7RGv1WyZVlbX1+L31FT+c/N96rHBa5SHI
|
||||
nhdTLBLPTmb6OOPSWXEHl00vsltAlutIrufjzowEtgptOhYO8a608ihvAoGBAMfp
|
||||
kiu/0bl7cQgYfgfIfyc2iMOZSDlyTEE8qfhVkSV4X7l3rqy7yCP4G51pZCWVp9zY
|
||||
8S3mbiC3xXV6iO5PxehKVfvqrIqz2zZX8SF1a1L3zDFCpE6GfPpyRMn+Ma//8oxZ
|
||||
dptezZTB1RmP7zRwHTbkIxcSsnbET9cnd75rONJFAoGBAM0Bm1dQN5mwMNG1hPJi
|
||||
IcmsmvA63lA6yKS2pqnwWzcjocRrsVgXsg2DvMqohaSmQYLTk189QMny1kTYcRwK
|
||||
0pmQTnQnJv9f/zMgtBfG37jGgccb3YGWMsvhzL+hmgvqSvHuXAdD4FMvXHF/GbKc
|
||||
d2pb5r9Fsy2ABIzLUySl1M6HAoGABALgxvXzXFhovTPYm4lfW8cRWXNi6pwrgYeZ
|
||||
FX2KCwluSkdnftnJu0cILtFljAeDtb+4nyYngYqOcLwDsVxyaSXMseBUk/fl5yI+
|
||||
mWBExgZo13gx2c2DBndyf+cU0iY9lKla4uU1FM4K25dywkeZnndXaOgcIpvvyi5l
|
||||
jbGTE00CgYAT+UNomp8Jmm5aqC0MdsNt9mwOKLVtCk1Yz/X85PmSiSZxxmuq8U5u
|
||||
a8oaJ/NmmMpYsRG9py5mIgDWH1bryOZP7aPtOIVZpYH77qMrJ4vFbz2JaA1b1irJ
|
||||
22Hdj1XD7Lv2uqt7QUlaNQcukJFIHOxYRNYChlJnIEf2e70jdlCxLg==
|
||||
-----END RSA PRIVATE KEY-----
|
|
@ -26,11 +26,24 @@ function setup_file() {
|
|||
-e SSL_TYPE=letsencrypt \
|
||||
-h mail.my-domain.com -t ${NAME}
|
||||
wait_for_finished_setup_in_container mail_lets_hostname
|
||||
|
||||
cp "`pwd`/test/config/letsencrypt/acme.json" "`pwd`/test/config/acme.json"
|
||||
docker run -d --name mail_lets_acme_json \
|
||||
-v "`pwd`/test/config":/tmp/docker-mailserver \
|
||||
-v "`pwd`/test/config/acme.json":/etc/letsencrypt/acme.json:ro \
|
||||
-v "`pwd`/test/test-files":/tmp/docker-mailserver-test:ro \
|
||||
-e DMS_DEBUG=0 \
|
||||
-e SSL_TYPE=letsencrypt \
|
||||
-h mail.my-domain.com -t ${NAME}
|
||||
|
||||
wait_for_finished_setup_in_container mail_lets_acme_json
|
||||
}
|
||||
|
||||
function teardown_file() {
|
||||
docker rm -f mail_lets_domain
|
||||
docker rm -f mail_lets_hostname
|
||||
docker rm -f mail_lets_acme_json
|
||||
rm "`pwd`/test/config/acme.json"
|
||||
}
|
||||
|
||||
# this test must come first to reliably identify when to run setup_file
|
||||
|
@ -78,6 +91,44 @@ function teardown_file() {
|
|||
assert_success
|
||||
}
|
||||
|
||||
#
|
||||
# acme.json updates
|
||||
#
|
||||
|
||||
@test "checking changedetector: server is ready" {
|
||||
run docker exec mail_lets_acme_json /bin/bash -c "ps aux | grep '/bin/bash /usr/local/bin/check-for-changes.sh'"
|
||||
assert_success
|
||||
}
|
||||
|
||||
@test "can extract certs from acme.json" {
|
||||
run docker exec mail_lets_acme_json /bin/bash -c "cat /etc/letsencrypt/live/mail.my-domain.com/key.pem"
|
||||
assert_output "$(cat "`pwd`/test/config/letsencrypt/mail.my-domain.com/privkey.pem")"
|
||||
assert_success
|
||||
|
||||
run docker exec mail_lets_acme_json /bin/bash -c "cat /etc/letsencrypt/live/mail.my-domain.com/fullchain.pem"
|
||||
assert_output "$(cat "`pwd`/test/config/letsencrypt/mail.my-domain.com/fullchain.pem")"
|
||||
assert_success
|
||||
}
|
||||
|
||||
@test "can detect changes" {
|
||||
cp "`pwd`/test/config/letsencrypt/acme-changed.json" "`pwd`/test/config/acme.json"
|
||||
sleep 11
|
||||
run docker exec mail_lets_acme_json /bin/bash -c "supervisorctl tail changedetector"
|
||||
assert_output --partial "Cert found in /etc/letsencrypt/acme.json for mail.my-domain.com"
|
||||
assert_output --partial "postfix: stopped"
|
||||
assert_output --partial "postfix: started"
|
||||
assert_output --partial "Update checksum"
|
||||
|
||||
run docker exec mail_lets_acme_json /bin/bash -c "cat /etc/letsencrypt/live/mail.my-domain.com/key.pem"
|
||||
assert_output "$(cat "`pwd`/test/config/letsencrypt/changed/key.pem")"
|
||||
assert_success
|
||||
|
||||
run docker exec mail_lets_acme_json /bin/bash -c "cat /etc/letsencrypt/live/mail.my-domain.com/fullchain.pem"
|
||||
assert_output "$(cat "`pwd`/test/config/letsencrypt/changed/fullchain.pem")"
|
||||
assert_success
|
||||
}
|
||||
|
||||
|
||||
# this test is only there to reliably mark the end for the teardown_file
|
||||
@test "last" {
|
||||
skip 'Finished testing of letsencrypt SSL'
|
||||
|
|
Loading…
Reference in a new issue