File: /usr/local/www/apache24/cgi-bin/easytecc4/setmailcert.sh
#!/bin/sh
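# Point the mail server's TLS key/certificate links under /usr/ssl at the
# Let's Encrypt files for one domain, make sure the DH parameters are present
# in the certificate file, and restart sendmail/dovecot when anything changed.
#
# Arguments: $1 - domain name (optional; defaults to "<hostname>.han-solo.net")
# Outputs:   progress messages on stdout, errors on stderr
# Returns:   1 on a missing/invalid domain, missing certificate files, or a
#            failed link update
DOMAIN="$1"
if [ -z "$DOMAIN" ]; then
  DOMAIN="$(hostname).han-solo.net"
fi
if [ -z "$DOMAIN" ]; then
  echo "domain not given" >&2
  exit 1
fi

# This script lives under cgi-bin, so $1 has to be treated as untrusted. It is
# spliced into a filesystem path whose resolved target is later chown'ed and
# chmod'ed, so accept only a plain host name: letters, digits, dots, hyphens;
# no path separator, no "..", no leading dot or hyphen. The rejected value is
# deliberately not echoed back into the log.
case "$DOMAIN" in
  .* | -* | *..* | */* | *[!A-Za-z0-9.-]*)
    echo "invalid domain name" >&2
    exit 1
    ;;
esac

KEY="/etc/letsencrypt/live/$DOMAIN/privkey.pem"
CERT_AND_CHAIN="/etc/letsencrypt/live/$DOMAIN/fullchain.pem"
# Two separate tests instead of the obsolescent, ambiguous "-o" operator.
if [ ! -f "$KEY" ] || [ ! -f "$CERT_AND_CHAIN" ]; then
  echo "file $KEY or $CERT_AND_CHAIN not found" >&2
  exit 1
fi

RESTART_MAILSERVER=

# Check for a changed domain: compare where the installed key link resolves
# with where the requested key resolves.
CUR_KEY_FILE="$(readlink -f /usr/ssl/wild.han.key.smtp.pem)"
KEY_FILE="$(readlink -f "$KEY")"
if [ "$CUR_KEY_FILE" != "$KEY_FILE" ]; then
  echo "installing cert"
  # Stop before any restart if a link cannot be updated; otherwise the mail
  # server would be restarted on a half-installed key/certificate pair.
  if ! ln -fs "$KEY" /usr/ssl/wild.han.key.smtp.pem ||
    ! ln -fs "$KEY" /usr/ssl/wild.han.key.pem ||
    ! ln -fs "$CERT_AND_CHAIN" /usr/ssl/wild.han.pem; then
    echo "failed to update certificate links in /usr/ssl" >&2
    exit 1
  fi
  # Ownership and mode are applied to the resolved key file, not to the link.
  # A failure is reported but not fatal, matching the earlier behaviour.
  chown admin:vuser "$KEY_FILE" ||
    echo "warning: could not change owner of $KEY_FILE" >&2
  chmod 600 "$KEY_FILE" ||
    echo "warning: could not restrict permissions of $KEY_FILE" >&2
  RESTART_MAILSERVER=1
fi

# Check dh: the inner diff prints only the lines the two files have in common;
# comparing that with dh4096.pem yields output when some DH line is absent from
# the certificate file.
DH4096_MISSING="$(diff --unchanged-group-format='%<' --changed-group-format='' --new-group-format='' --old-group-format='' /usr/ssl/dh4096.pem /usr/ssl/wild.han.pem | diff /usr/ssl/dh4096.pem -)"
if [ -n "$DH4096_MISSING" ]; then
  echo "adding dh parameters"
  # NOTE(review): when /usr/ssl/wild.han.pem is the link created above, this
  # append writes through it into the file under /etc/letsencrypt/live.
  # Confirm that modifying the certbot-managed file is intended.
  cat /usr/ssl/dh4096.pem >> /usr/ssl/wild.han.pem
  RESTART_MAILSERVER=1
fi

if [ -n "$RESTART_MAILSERVER" ]; then
  echo "restarting mail server"
  /usr/sbin/restart_sendmail
  /usr/sbin/restart_dovecot
fi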