RuhNetConsulting
/
getssl
mirror of https://github.com/srvrco/getssl
1
0
Fork 0
Code Issues 0 Projects 0 Releases 51 Wiki Activity
Browse Source

Use aliases so hostname is better

pull/740/head
Tim Kimber 6 years ago
parent
f49f261a4b
commit
082d651474
2 changed files with 16 additions and 12 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +2
    -0
      docker-compose.yml
  2. +14
    -12
      test/run-test.sh

+ 2
- 0
docker-compose.yml View File

@ -31,6 +31,8 @@ services:
networks:
acmenet:
ipv4_address: 10.30.50.4
aliases:
- getssl.test
networks:
acmenet:


+ 14
- 12
test/run-test.sh View File

@ -7,29 +7,31 @@ if [[ -d /root/.getssl ]]; then
rm -r /root/.getssl
fi
HOST=getssl.test
wget --no-clobber https://raw.githubusercontent.com/letsencrypt/pebble/master/test/certs/pebble.minica.pem
# cat /etc/pki/tls/certs/ca-bundle.crt /root/pebble.minica.pem > /root/pebble-ca-bundle.crt
cat /etc/ssl/certs/ca-certificates.crt /root/pebble.minica.pem > /root/pebble-ca-bundle.crt
export CURL_CA_BUNDLE=/root/pebble-ca-bundle.crt
curl -X POST -d '{"host":"getssl", "addresses":["10.30.50.4"]}' http://10.30.50.3:8055/add-a
curl -X POST -d '{"host":"'$HOST'", "addresses":["10.30.50.4"]}' http://10.30.50.3:8055/add-a
# Test #1 - http-01 verification
echo Test \#1 - http-01 verification
cp /getssl/test/test-config/nginx-ubuntu-no-ssl /etc/nginx/sites-enabled/default
service nginx restart
/getssl/getssl -c getssl
cp /getssl/test/test-config/getssl-http01.cfg /root/.getssl/getssl/getssl.cfg
/getssl/getssl -f getssl
/getssl/getssl -c $HOST
cp /getssl/test/test-config/getssl-http01.cfg /root/.getssl/${HOST}/getssl.cfg
/getssl/getssl -f $HOST
# Test #2 - http-01 forced renewal
echo Test \#2 - http-01 forced renewal
# There's a race condition if renew too soon (authlink returns "valid" instead of "pending")
echo Sleeping 20s to allow previous validation to expire
sleep 20
/getssl/getssl getssl -f
# Remove previous validation tokens
rm -rf /var/www/html/.well-known
service nginx restart
/getssl/getssl $HOST -f
# Test cleanup
rm -r /root/.getssl
@ -39,9 +41,9 @@ echo Test \#3 - dns-01 verification
cp /getssl/test/test-config/nginx-ubuntu-no-ssl /etc/nginx/sites-enabled/default
service nginx restart
/getssl/getssl -c getssl
cp /getssl/test/test-config/getssl-dns01.cfg /root/.getssl/getssl/getssl.cfg
/getssl/getssl getssl
/getssl/getssl -c $HOST
cp /getssl/test/test-config/getssl-dns01.cfg /root/.getssl/${HOST}/getssl.cfg
/getssl/getssl $HOST
# Test #4 - dns-01 forced renewal
echo Test \#4 - dns-01 forced renewal
@ -50,4 +52,4 @@ echo Test \#4 - dns-01 forced renewal
echo Sleeping 30s to allow previous validation to expire
sleep 30
/getssl/getssl getssl -f
/getssl/getssl $HOST -f

Write Preview
Loading…
Cancel
Save