From 398d1df99d3f413716fc046d27f9b29009529ac1 Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Thu, 9 Aug 2018 04:44:08 +0000 Subject: [PATCH 01/11] spelling: acme --- getssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/getssl b/getssl index 7f3713e..7df04fc 100755 --- a/getssl +++ b/getssl @@ -50,7 +50,7 @@ # 2016-05-04 Improve check for if DNS_DEL_COMMAND is blank. (0.31) # 2016-05-06 Setting umask to 077 for security of private keys etc. (0.32) # 2016-05-20 update to reflect changes in staging ACME server json (0.33) -# 2016-05-20 tidying up checking of json following AMCE changes. (0.34) +# 2016-05-20 tidying up checking of json following ACME changes. (0.34) # 2016-05-21 added AUTH_DNS_SERVER to getssl.cfg as optional definition of authoritative DNS server (0.35) # 2016-05-21 added DNS_WAIT to getssl.cfg as (default = 10 seconds as before) (0.36) # 2016-05-21 added PUBLIC_DNS_SERVER option, for forcing use of an external DNS server (0.37) From 11f652dd63e76ae741169f6f74d26e62acee93ab Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Thu, 9 Aug 2018 04:43:56 +0000 Subject: [PATCH 02/11] spelling: allow --- getssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/getssl b/getssl index 7df04fc..6edf753 100755 --- a/getssl +++ b/getssl @@ -121,7 +121,7 @@ # 2016-10-05 improved the check for CSR with domain in subject (1.54) # 2016-10-06 prints update info on what was included in latest updates (1.55) # 2016-10-06 when using -a flag, ignore folders in working directory which aren't domains (1.56) -# 2016-10-12 alllow multiple tokens in DNS challenge (1.57) +# 2016-10-12 allow multiple tokens in DNS challenge (1.57) # 2016-10-14 added CHECK_ALL_AUTH_DNS option to check all DNS servres, not just one primary server (1.58) # 2016-10-14 added archive of chain and private key for each cert, and purge old archives (1.59) # 2016-10-17 updated info comment on failed cert due to rate limits. (1.60) From 401ba2e305fcecf76e7f15d9a25289e5437d2265 Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Thu, 9 Aug 2018 04:43:46 +0000 Subject: [PATCH 03/11] spelling: archive --- getssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/getssl b/getssl index 6edf753..56a92e8 100755 --- a/getssl +++ b/getssl @@ -245,7 +245,7 @@ ORIGCMD="$0 $*" # Define all functions (in alphabetical order) cert_archive() { # Archive certificate file by copying files to dated archive dir. - debug "creating an achive copy of current new certs" + debug "creating an archive copy of current new certs" date_time=$(date +%Y_%m_%d_%H_%M) mkdir -p "${DOMAIN_DIR}/archive/${date_time}" umask 077 From 71cbde40d88d4f36d35017241bd4c953b6bd77ba Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Thu, 9 Aug 2018 04:35:18 +0000 Subject: [PATCH 04/11] spelling: macos --- README.md | 2 +- getssl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 879d8f3..484b1ec 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ Obtain SSL certificates from the letsencrypt.org ACME server. Suitable for automating the process on remote servers. ## Features -* **Bash** - It runs on virtually all unix machines, including BSD, most Linux distributions, MAC OSX. +* **Bash** - It runs on virtually all unix machines, including BSD, most Linux distributions, macOS. * **Get certificates for remote servers** - The tokens used to provide validation of domain ownership, and the certificates themselves can be automatically copied to remote servers (via ssh, sftp or ftp for tokens). The script doesn't need to run on the server itself. This can be useful if you don't have access to run such scripts on the server itself, e.g. if it's a shared server. * **Runs as a daily cron** - so certificates will be automatically renewed when required. * **Automatic certificate renewals** diff --git a/getssl b/getssl index 56a92e8..b5d41e0 100755 --- a/getssl +++ b/getssl @@ -676,7 +676,7 @@ date_epoc() { # convert the date into epoch time date_fmt() { # format date from epoc time to YYYY-MM-DD if [[ "$os" == "bsd" ]]; then #uses older style date function. date -j -f "%s" "$1" +%F - elif [[ "$os" == "mac" ]]; then # MAC OSX uses older BSD style date. + elif [[ "$os" == "mac" ]]; then # macOS uses older BSD style date. date -j -f "%s" "$1" +%F else date -d "@$1" +%F From 7b8f1b831fc66b24e4fdc00c12e9cd0933c5ada1 Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Thu, 9 Aug 2018 04:45:54 +0000 Subject: [PATCH 05/11] spelling: mac os x --- getssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/getssl b/getssl index b5d41e0..246f5c8 100755 --- a/getssl +++ b/getssl @@ -114,7 +114,7 @@ # 2016-09-27 added additional debug info issue #119 (1.47) # 2016-09-27 removed IPv6 switch in favour of checking both IPv4 and IPv6 (1.48) # 2016-09-28 Add -Q, or --mute, switch to mute notifications about successfully upgrading getssl (1.49) -# 2016-09-30 improved portability to work natively on FreeBSD, Slackware and OSX (1.50) +# 2016-09-30 improved portability to work natively on FreeBSD, Slackware and Mac OS X (1.50) # 2016-09-30 comment out PRIVATE_KEY_ALG from the domain template Issue #125 (1.51) # 2016-10-03 check remote certificate for right domain before saving to local (1.52) # 2016-10-04 allow existing CSR with domain name in subject (1.53) From bf96cb6d028dcbb9b910b41ba499e8c6a5d20407 Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Thu, 9 Aug 2018 04:46:21 +0000 Subject: [PATCH 06/11] spelling: permission --- getssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/getssl b/getssl index 246f5c8..944d44c 100755 --- a/getssl +++ b/getssl @@ -127,7 +127,7 @@ # 2016-10-17 updated info comment on failed cert due to rate limits. (1.60) # 2016-10-17 fix error messages when using 1.0.1e-fips (1.61) # 2016-10-20 set secure permissions when generating account key (1.62) -# 2016-10-20 set permsissions to 700 for getssl script during upgrade (1.63) +# 2016-10-20 set permissions to 700 for getssl script during upgrade (1.63) # 2016-10-20 add option to revoke a certificate (1.64) # 2016-10-21 set revocation server default to acme-v01.api.letsencrypt.org (1.65) # 2016-10-21 bug fix for revocation on different servers. (1.66) From 8ce75abc3d168d97e0d2248b8fe540e5db7663df Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Thu, 9 Aug 2018 04:46:34 +0000 Subject: [PATCH 07/11] spelling: private --- getssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/getssl b/getssl index 944d44c..53aba49 100755 --- a/getssl +++ b/getssl @@ -1736,7 +1736,7 @@ else create_key "$ACCOUNT_KEY_TYPE" "$ACCOUNT_KEY" "$ACCOUNT_KEY_LENGTH" fi -# if not reusing priavte key, then remove the old keys +# if not reusing private key, then remove the old keys if [[ "$REUSE_PRIVATE_KEY" != "true" ]]; then if [[ -s "$DOMAIN_DIR/${DOMAIN}.key" ]]; then rm -f "$DOMAIN_DIR/${DOMAIN}.key" From a07e2a9757ee5bb118932b2d2277167e99fa17d9 Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Thu, 9 Aug 2018 04:46:57 +0000 Subject: [PATCH 08/11] spelling: secure --- getssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/getssl b/getssl index 53aba49..42e2290 100755 --- a/getssl +++ b/getssl @@ -527,7 +527,7 @@ copy_file_to_location() { # copies a file, using scp, sftp or ftp if required. fi elif [[ "${to:0:4}" == "ftp:" ]] ; then if [[ "$cert" != "challenge token" ]] ; then - error_exit "ftp is not a sercure method for copying certificates or keys" + error_exit "ftp is not a secure method for copying certificates or keys" fi debug "using ftp to copy the file from $from" ftpuser=$(echo "$to"| awk -F: '{print $2}') From 76b8897e9c59564bca6bfbe095fd8223526449bb Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Thu, 9 Aug 2018 04:47:09 +0000 Subject: [PATCH 09/11] spelling: server --- getssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/getssl b/getssl index 42e2290..9bf8ce7 100755 --- a/getssl +++ b/getssl @@ -122,7 +122,7 @@ # 2016-10-06 prints update info on what was included in latest updates (1.55) # 2016-10-06 when using -a flag, ignore folders in working directory which aren't domains (1.56) # 2016-10-12 allow multiple tokens in DNS challenge (1.57) -# 2016-10-14 added CHECK_ALL_AUTH_DNS option to check all DNS servres, not just one primary server (1.58) +# 2016-10-14 added CHECK_ALL_AUTH_DNS option to check all DNS servers, not just one primary server (1.58) # 2016-10-14 added archive of chain and private key for each cert, and purge old archives (1.59) # 2016-10-17 updated info comment on failed cert due to rate limits. (1.60) # 2016-10-17 fix error messages when using 1.0.1e-fips (1.61) From 84f87b54dbe81f1df1292b90cbd2d6538fa7b32a Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Thu, 9 Aug 2018 04:47:52 +0000 Subject: [PATCH 10/11] spelling: upgrading --- getssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/getssl b/getssl index 9bf8ce7..692448f 100755 --- a/getssl +++ b/getssl @@ -1709,7 +1709,7 @@ if [[ -s "$CERT_FILE" ]]; then if [[ $(date_renew) -lt "$enddate_s" ]] && [[ $_FORCE_RENEW -ne 1 ]]; then issuer=$(openssl x509 -in "$CERT_FILE" -noout -issuer 2>/dev/null) if [[ "$issuer" == *"Fake LE Intermediate"* ]] && [[ "$CA" == "https://acme-v01.api.letsencrypt.org" ]]; then - debug "upgradeing from fake cert to real" + debug "upgrading from fake cert to real" else info "${DOMAIN}: certificate is valid for more than $RENEW_ALLOW days (until $enddate)" # everything is OK, so exit. From 1ff407bd2d387f75faa9ecf3709db47310daa4cc Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Thu, 9 Aug 2018 04:48:07 +0000 Subject: [PATCH 11/11] spelling: verifying --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 484b1ec..42c7cdd 100644 --- a/README.md +++ b/README.md @@ -85,9 +85,9 @@ and it should run, providing output like; ``` Registering account Verify each domain -Verifing yourdomain.com +Verifying yourdomain.com Verified yourdomain.com -Verifing www.yourdomain.com +Verifying www.yourdomain.com Verified www.yourdomain.com Verification completed, obtaining certificate. Certificate saved in /home/user/.getssl/yourdomain.com/yourdomain.com.crt