Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
devops-tools
ssl-certificate-utils
Commits
7139d69e
Commit
7139d69e
authored
Aug 22, 2018
by
Xueshan Feng
Browse files
removed dry-run; update help.
parent
581f54c2
Changes
1
Hide whitespace changes
Inline
Side-by-side
upload_cert_to_aws.sh
View file @
7139d69e
#!/bin/bash
#!/bin/bash
-e
# For AWS ELB, the cert chain file needs to be in reverse order - root cert at the top (the 3rd file)
# Usage: ./upload_cert_to_aws.sh foo.stanford.edu
awsprofile
# Usage: ./upload_cert_to_aws.sh
-p anchorage -s
foo.stanford.edu
#
# To get arn: aws --profile awsprofile iam get-server-certificate --server-certificate-name=<fqdn>
#
...
...
@@ -14,7 +14,6 @@ function init(){
domaincert
=
${
body
:-
'stanford_edu_cert.cer'
}
intermcert
=
${
chain
:
=
'stanford_edu_interm.cer'
}
server_name
=
$server
.
$domain
dryrun
=
0
}
function
upload_cert
(){
...
...
@@ -37,21 +36,19 @@ function upload_cert(){
}
help
(){
echo
"upload_cert_to_aws.sh -p <profile> -s <server> [-d <domain>] -c <chain file>
-b <body>
[-n] [-y
]"
echo
"upload_cert_to_aws.sh -p <profile> -s <server> [-d <domain>]
[
-c <chain file>
] [
-b <body>]"
echo
""
echo
" -p <aws profile>: authenticate as this profile."
echo
" -s <server>: server name. e.g. foo.stanford.edu"
echo
" -d <domain>: default to stanford.edu."
echo
" -b <cert file>: default to <server>_stanford_edu_cert.cer"
echo
" -c <chain file>: default to <server>_stanford_edu_interm.cer"
echo
" -y : non-interative mode. Answer to yes to all default values."
echo
" -n : dryrun. print out the commands"
echo
" -b <cert file>: default to <server>_stanford_edu_cert.cer in current directory."
echo
" -c <chain file>: default to <server>_stanford_edu_interm.cer in current directory"
echo
" -h : Help"
}
# Main
while
getopts
"b:c:d:p:s:h
ny
"
OPTION
while
getopts
"b:c:d:p:s:h"
OPTION
do
case
$OPTION
in
b
)
...
...
@@ -69,12 +66,6 @@ do
s
)
server
=
$OPTARG
;;
n
)
dryrun
=
1
;;
y
)
interactive
=
0
;;
[
h?]
)
help
exit
...
...
@@ -91,7 +82,7 @@ else
fi
echo
"Getting AWS account number ..."
accountId
=
$(
aws
--profile
$profile
iam
get-
user | jq
'.User.Arn'
|
grep
-Eo
'[[:digit:]]{12}'
)
accountId
=
$(
aws
--profile
$profile
sts
get-
caller-identity | jq
-r
".Account"
)
if
[
-z
"
$accountId
"
]
;
then
echo
"Cannot find AWS account number."
exit
1
...
...
@@ -105,6 +96,4 @@ else
exit
1
fi
[
$dryrun
-eq
1
]
&&
echo
"Dryrun mode. Nothing is changed."
exit
0
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment