support SSL.com
This commit is contained in:
parent
280e44304a
commit
53d6ab6c23
@ -88,6 +88,7 @@ https://github.com/acmesh-official/acmetest
|
||||
- [ZeroSSL.com CA](https://github.com/acmesh-official/acme.sh/wiki/ZeroSSL.com-CA)(default)
|
||||
- Letsencrypt.org CA
|
||||
- [BuyPass.com CA](https://github.com/acmesh-official/acme.sh/wiki/BuyPass.com-CA)
|
||||
- [SSL.com CA](https://github.com/acmesh-official/acme.sh/wiki/SSL.com-CA)
|
||||
- [Pebble strict Mode](https://github.com/letsencrypt/pebble)
|
||||
- Any other [RFC8555](https://tools.ietf.org/html/rfc8555)-compliant CA
|
||||
|
||||
|
31
acme.sh
31
acme.sh
@ -29,18 +29,24 @@ CA_BUYPASS_TEST="https://api.test4.buypass.no/acme/directory"
|
||||
CA_ZEROSSL="https://acme.zerossl.com/v2/DV90"
|
||||
_ZERO_EAB_ENDPOINT="http://api.zerossl.com/acme/eab-credentials-email"
|
||||
|
||||
|
||||
CA_SSLCOM_RSA="https://acme.ssl.com/sslcom-dv-rsa"
|
||||
CA_SSLCOM_ECC="https://acme.ssl.com/sslcom-dv-ecc"
|
||||
|
||||
|
||||
DEFAULT_CA=$CA_ZEROSSL
|
||||
DEFAULT_STAGING_CA=$CA_LETSENCRYPT_V2_TEST
|
||||
|
||||
CA_NAMES="
|
||||
ZeroSSL.com,zerossl
|
||||
LetsEncrypt.org,letsencrypt
|
||||
LetsEncrypt.org_test,letsencrypt_test,letsencrypttest
|
||||
BuyPass.com,buypass
|
||||
BuyPass.com_test,buypass_test,buypasstest
|
||||
ZeroSSL.com,zerossl
|
||||
SSL.com,sslcom
|
||||
"
|
||||
|
||||
CA_SERVERS="$CA_LETSENCRYPT_V2,$CA_LETSENCRYPT_V2_TEST,$CA_BUYPASS,$CA_BUYPASS_TEST,$CA_ZEROSSL"
|
||||
CA_SERVERS="$CA_ZEROSSL,$CA_LETSENCRYPT_V2,$CA_LETSENCRYPT_V2_TEST,$CA_BUYPASS,$CA_BUYPASS_TEST,$CA_SSLCOM_RSA"
|
||||
|
||||
DEFAULT_USER_AGENT="$PROJECT_NAME/$VER ($PROJECT)"
|
||||
|
||||
@ -155,6 +161,8 @@ _REVOKE_WIKI="https://github.com/acmesh-official/acme.sh/wiki/revokecert"
|
||||
|
||||
_ZEROSSL_WIKI="https://github.com/acmesh-official/acme.sh/wiki/ZeroSSL.com-CA"
|
||||
|
||||
_SSLCOM_WIKI="https://github.com/acmesh-official/acme.sh/wiki/SSL.com-CA"
|
||||
|
||||
_SERVER_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Server"
|
||||
|
||||
_PREFERRED_CHAIN_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Preferred-Chain"
|
||||
@ -2617,7 +2625,13 @@ _initpath() {
|
||||
_ACME_SERVER_HOST="$(echo "$ACME_DIRECTORY" | cut -d : -f 2 | tr -s / | cut -d / -f 2)"
|
||||
_debug2 "_ACME_SERVER_HOST" "$_ACME_SERVER_HOST"
|
||||
|
||||
_ACME_SERVER_PATH="$(echo "$ACME_DIRECTORY" | cut -d : -f 2- | tr -s / | cut -d / -f 3-)"
|
||||
_debug2 "_ACME_SERVER_PATH" "$_ACME_SERVER_PATH"
|
||||
if [ -z "$_ACME_SERVER_PATH" ] || [ "$_ACME_SERVER_PATH" = "directory" ]; then
|
||||
CA_DIR="$CA_HOME/$_ACME_SERVER_HOST"
|
||||
else
|
||||
CA_DIR="$CA_HOME/$_ACME_SERVER_HOST/$_ACME_SERVER_PATH"
|
||||
fi
|
||||
|
||||
_DEFAULT_CA_CONF="$CA_DIR/ca.conf"
|
||||
|
||||
@ -6638,9 +6652,10 @@ _checkSudo() {
|
||||
return 0
|
||||
}
|
||||
|
||||
#server
|
||||
#server #keylength
|
||||
_selectServer() {
|
||||
_server="$1"
|
||||
_skeylength="$2"
|
||||
_server_lower="$(echo "$_server" | _lower_case)"
|
||||
_sindex=0
|
||||
for snames in $CA_NAMES; do
|
||||
@ -6651,6 +6666,9 @@ _selectServer() {
|
||||
if [ "$_server_lower" = "$sname" ]; then
|
||||
_debug2 "_selectServer match $sname"
|
||||
_serverdir="$(_getfield "$CA_SERVERS" $_sindex)"
|
||||
if [ "$_serverdir" = "$CA_SSLCOM_RSA" ] && _isEccKey "$_skeylength"; then
|
||||
_serverdir="$CA_SSLCOM_ECC"
|
||||
fi
|
||||
_debug "Selected server: $_serverdir"
|
||||
ACME_DIRECTORY="$_serverdir"
|
||||
export ACME_DIRECTORY
|
||||
@ -6882,7 +6900,6 @@ _process() {
|
||||
;;
|
||||
--server)
|
||||
_server="$2"
|
||||
_selectServer "$_server"
|
||||
shift
|
||||
;;
|
||||
--debug)
|
||||
@ -6981,7 +6998,6 @@ _process() {
|
||||
Le_DNSSleep="$_dnssleep"
|
||||
shift
|
||||
;;
|
||||
|
||||
--keylength | -k)
|
||||
_keylength="$2"
|
||||
shift
|
||||
@ -6990,7 +7006,6 @@ _process() {
|
||||
_accountkeylength="$2"
|
||||
shift
|
||||
;;
|
||||
|
||||
--cert-file | --certpath)
|
||||
_cert_file="$2"
|
||||
shift
|
||||
@ -7254,6 +7269,10 @@ _process() {
|
||||
shift 1
|
||||
done
|
||||
|
||||
if [ "$_server" ]; then
|
||||
_selectServer "$_server" "${_ecc-:$_keylength}"
|
||||
fi
|
||||
|
||||
if [ "${_CMD}" != "install" ]; then
|
||||
if [ "$__INTERACTIVE" ] && ! _checkSudo; then
|
||||
if [ -z "$FORCE" ]; then
|
||||
|
Loading…
Reference in New Issue
Block a user