anvil
anvil copied to clipboard
dlangille
Tools for distributing ssl certificates
How about creating a periodic script as an alternative to the cron job?
THe ecc certs issues from acme.sh have a cifferent naming scheme. the directory name is /var/db/acme/certs/example.com_ecc/ but the cert name is example.com.cer and NOT example.com_ecc.cer. I think this can be...
I have some *.example.com wildcard certificates which have been problematic when running through cert-shifter (I assume because of the leading asterisk). I've worked around by placing if echo $cert |...
Downloaded certs are stored in `/var/db/anvil` (or `DOWNLOAD_DIR`). If you remove a cert from the .conf file, `cert-puller` will no longer attempt to fetch that cert. When modifying the .conf...
The find used by cert-shifter checks for changes which occurred in the past 24 hours (1 d) see https://github.com/dlangille/anvil/blob/master/cert-shifter#L31 ``` DIRS=`${FIND} ${CERT_SRC} -mtime -1 -type d -d 1` ``` I...
At present, the code assumes these filenames are used: * example.org.fullchain.cer * example.org.key * ca.cer Perhaps this should be configurable on a per-installation basis.
If /usr/local/etc/ssl is chmod 740 and chown root:wheel, anvil will not be able to read the certs. Therefore, the diff fails silently, and it always installs the certs. proposed solution:...
After installing, the certs are chown anvil:anvil Really, they should be chown root:wheel