support SSL.com
This commit is contained in:
parent
280e44304a
commit
53d6ab6c23
@ -88,6 +88,7 @@ https://github.com/acmesh-official/acmetest
|
|||||||
- [ZeroSSL.com CA](https://github.com/acmesh-official/acme.sh/wiki/ZeroSSL.com-CA)(default)
|
- [ZeroSSL.com CA](https://github.com/acmesh-official/acme.sh/wiki/ZeroSSL.com-CA)(default)
|
||||||
- Letsencrypt.org CA
|
- Letsencrypt.org CA
|
||||||
- [BuyPass.com CA](https://github.com/acmesh-official/acme.sh/wiki/BuyPass.com-CA)
|
- [BuyPass.com CA](https://github.com/acmesh-official/acme.sh/wiki/BuyPass.com-CA)
|
||||||
|
- [SSL.com CA](https://github.com/acmesh-official/acme.sh/wiki/SSL.com-CA)
|
||||||
- [Pebble strict Mode](https://github.com/letsencrypt/pebble)
|
- [Pebble strict Mode](https://github.com/letsencrypt/pebble)
|
||||||
- Any other [RFC8555](https://tools.ietf.org/html/rfc8555)-compliant CA
|
- Any other [RFC8555](https://tools.ietf.org/html/rfc8555)-compliant CA
|
||||||
|
|
||||||
|
33
acme.sh
33
acme.sh
@ -29,18 +29,24 @@ CA_BUYPASS_TEST="https://api.test4.buypass.no/acme/directory"
|
|||||||
CA_ZEROSSL="https://acme.zerossl.com/v2/DV90"
|
CA_ZEROSSL="https://acme.zerossl.com/v2/DV90"
|
||||||
_ZERO_EAB_ENDPOINT="http://api.zerossl.com/acme/eab-credentials-email"
|
_ZERO_EAB_ENDPOINT="http://api.zerossl.com/acme/eab-credentials-email"
|
||||||
|
|
||||||
|
|
||||||
|
CA_SSLCOM_RSA="https://acme.ssl.com/sslcom-dv-rsa"
|
||||||
|
CA_SSLCOM_ECC="https://acme.ssl.com/sslcom-dv-ecc"
|
||||||
|
|
||||||
|
|
||||||
DEFAULT_CA=$CA_ZEROSSL
|
DEFAULT_CA=$CA_ZEROSSL
|
||||||
DEFAULT_STAGING_CA=$CA_LETSENCRYPT_V2_TEST
|
DEFAULT_STAGING_CA=$CA_LETSENCRYPT_V2_TEST
|
||||||
|
|
||||||
CA_NAMES="
|
CA_NAMES="
|
||||||
|
ZeroSSL.com,zerossl
|
||||||
LetsEncrypt.org,letsencrypt
|
LetsEncrypt.org,letsencrypt
|
||||||
LetsEncrypt.org_test,letsencrypt_test,letsencrypttest
|
LetsEncrypt.org_test,letsencrypt_test,letsencrypttest
|
||||||
BuyPass.com,buypass
|
BuyPass.com,buypass
|
||||||
BuyPass.com_test,buypass_test,buypasstest
|
BuyPass.com_test,buypass_test,buypasstest
|
||||||
ZeroSSL.com,zerossl
|
SSL.com,sslcom
|
||||||
"
|
"
|
||||||
|
|
||||||
CA_SERVERS="$CA_LETSENCRYPT_V2,$CA_LETSENCRYPT_V2_TEST,$CA_BUYPASS,$CA_BUYPASS_TEST,$CA_ZEROSSL"
|
CA_SERVERS="$CA_ZEROSSL,$CA_LETSENCRYPT_V2,$CA_LETSENCRYPT_V2_TEST,$CA_BUYPASS,$CA_BUYPASS_TEST,$CA_SSLCOM_RSA"
|
||||||
|
|
||||||
DEFAULT_USER_AGENT="$PROJECT_NAME/$VER ($PROJECT)"
|
DEFAULT_USER_AGENT="$PROJECT_NAME/$VER ($PROJECT)"
|
||||||
|
|
||||||
@ -155,6 +161,8 @@ _REVOKE_WIKI="https://github.com/acmesh-official/acme.sh/wiki/revokecert"
|
|||||||
|
|
||||||
_ZEROSSL_WIKI="https://github.com/acmesh-official/acme.sh/wiki/ZeroSSL.com-CA"
|
_ZEROSSL_WIKI="https://github.com/acmesh-official/acme.sh/wiki/ZeroSSL.com-CA"
|
||||||
|
|
||||||
|
_SSLCOM_WIKI="https://github.com/acmesh-official/acme.sh/wiki/SSL.com-CA"
|
||||||
|
|
||||||
_SERVER_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Server"
|
_SERVER_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Server"
|
||||||
|
|
||||||
_PREFERRED_CHAIN_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Preferred-Chain"
|
_PREFERRED_CHAIN_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Preferred-Chain"
|
||||||
@ -2617,7 +2625,13 @@ _initpath() {
|
|||||||
_ACME_SERVER_HOST="$(echo "$ACME_DIRECTORY" | cut -d : -f 2 | tr -s / | cut -d / -f 2)"
|
_ACME_SERVER_HOST="$(echo "$ACME_DIRECTORY" | cut -d : -f 2 | tr -s / | cut -d / -f 2)"
|
||||||
_debug2 "_ACME_SERVER_HOST" "$_ACME_SERVER_HOST"
|
_debug2 "_ACME_SERVER_HOST" "$_ACME_SERVER_HOST"
|
||||||
|
|
||||||
CA_DIR="$CA_HOME/$_ACME_SERVER_HOST"
|
_ACME_SERVER_PATH="$(echo "$ACME_DIRECTORY" | cut -d : -f 2- | tr -s / | cut -d / -f 3-)"
|
||||||
|
_debug2 "_ACME_SERVER_PATH" "$_ACME_SERVER_PATH"
|
||||||
|
if [ -z "$_ACME_SERVER_PATH" ] || [ "$_ACME_SERVER_PATH" = "directory" ]; then
|
||||||
|
CA_DIR="$CA_HOME/$_ACME_SERVER_HOST"
|
||||||
|
else
|
||||||
|
CA_DIR="$CA_HOME/$_ACME_SERVER_HOST/$_ACME_SERVER_PATH"
|
||||||
|
fi
|
||||||
|
|
||||||
_DEFAULT_CA_CONF="$CA_DIR/ca.conf"
|
_DEFAULT_CA_CONF="$CA_DIR/ca.conf"
|
||||||
|
|
||||||
@ -6638,9 +6652,10 @@ _checkSudo() {
|
|||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
#server
|
#server #keylength
|
||||||
_selectServer() {
|
_selectServer() {
|
||||||
_server="$1"
|
_server="$1"
|
||||||
|
_skeylength="$2"
|
||||||
_server_lower="$(echo "$_server" | _lower_case)"
|
_server_lower="$(echo "$_server" | _lower_case)"
|
||||||
_sindex=0
|
_sindex=0
|
||||||
for snames in $CA_NAMES; do
|
for snames in $CA_NAMES; do
|
||||||
@ -6651,6 +6666,9 @@ _selectServer() {
|
|||||||
if [ "$_server_lower" = "$sname" ]; then
|
if [ "$_server_lower" = "$sname" ]; then
|
||||||
_debug2 "_selectServer match $sname"
|
_debug2 "_selectServer match $sname"
|
||||||
_serverdir="$(_getfield "$CA_SERVERS" $_sindex)"
|
_serverdir="$(_getfield "$CA_SERVERS" $_sindex)"
|
||||||
|
if [ "$_serverdir" = "$CA_SSLCOM_RSA" ] && _isEccKey "$_skeylength"; then
|
||||||
|
_serverdir="$CA_SSLCOM_ECC"
|
||||||
|
fi
|
||||||
_debug "Selected server: $_serverdir"
|
_debug "Selected server: $_serverdir"
|
||||||
ACME_DIRECTORY="$_serverdir"
|
ACME_DIRECTORY="$_serverdir"
|
||||||
export ACME_DIRECTORY
|
export ACME_DIRECTORY
|
||||||
@ -6882,7 +6900,6 @@ _process() {
|
|||||||
;;
|
;;
|
||||||
--server)
|
--server)
|
||||||
_server="$2"
|
_server="$2"
|
||||||
_selectServer "$_server"
|
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
--debug)
|
--debug)
|
||||||
@ -6981,7 +6998,6 @@ _process() {
|
|||||||
Le_DNSSleep="$_dnssleep"
|
Le_DNSSleep="$_dnssleep"
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
|
|
||||||
--keylength | -k)
|
--keylength | -k)
|
||||||
_keylength="$2"
|
_keylength="$2"
|
||||||
shift
|
shift
|
||||||
@ -6990,7 +7006,6 @@ _process() {
|
|||||||
_accountkeylength="$2"
|
_accountkeylength="$2"
|
||||||
shift
|
shift
|
||||||
;;
|
;;
|
||||||
|
|
||||||
--cert-file | --certpath)
|
--cert-file | --certpath)
|
||||||
_cert_file="$2"
|
_cert_file="$2"
|
||||||
shift
|
shift
|
||||||
@ -7254,6 +7269,10 @@ _process() {
|
|||||||
shift 1
|
shift 1
|
||||||
done
|
done
|
||||||
|
|
||||||
|
if [ "$_server" ]; then
|
||||||
|
_selectServer "$_server" "${_ecc-:$_keylength}"
|
||||||
|
fi
|
||||||
|
|
||||||
if [ "${_CMD}" != "install" ]; then
|
if [ "${_CMD}" != "install" ]; then
|
||||||
if [ "$__INTERACTIVE" ] && ! _checkSudo; then
|
if [ "$__INTERACTIVE" ] && ! _checkSudo; then
|
||||||
if [ -z "$FORCE" ]; then
|
if [ -z "$FORCE" ]; then
|
||||||
|
Loading…
Reference in New Issue
Block a user