rotate-keys: use http if encryption keys were not yet available (assume nginx.conf reflects state of keys)

author: Erich Eckner <git@eckner.net> 2019-09-03 10:43:02 +0200
committer: Erich Eckner <git@eckner.net> 2019-09-03 10:43:56 +0200
commit: c6179a2a39695402ec6e3007957bebf72bc55669 (patch)
tree: 6129b5e0cd5b344690c595bc032c195eb1fad978
parent: 9811c9fedc40bb6706fd30afee2ea6d9adbba054 (diff)
download: simple-pki-c6179a2a39695402ec6e3007957bebf72bc55669.tar.xz
1 files changed, 12 insertions, 4 deletions
diff --git a/rotate-keys.in b/rotate-keys.in
index ea50400..8c51e62 100644
--- a/rotate-keys.in
+++ b/rotate-keys.in
@@ -104,10 +104,18 @@ printf '%s\n' "${hosts}" \
     -keyout "${key_dir}/${host}.key.new" \
     -out "${tmp_dir}/${host}.csr" \
 
-  printf 'https://%s/.csr/%s/%s.csr\n' \
-    "${host}" \
-    "${tmp_dir##*/}" \
-    "${host}" \
+  {
+    printf 'http'
+    if [ -f "${key_dir}/${host}.key" ] \
+    && [ -f "${key_dir}/${host}.crt" ] \
+    && [ -f "${key_dir}/${host}.chain" ]; then
+      printf 's'
+    fi
+    printf '://%s/.csr/%s/%s.csr\n' \
+      "${host}" \
+      "${tmp_dir##*/}" \
+      "${host}"
+  } \
   >> "${tmp_dir}/commands"
 done
author	Erich Eckner <git@eckner.net>	2019-09-03 10:43:02 +0200
committer	Erich Eckner <git@eckner.net>	2019-09-03 10:43:56 +0200
commit	c6179a2a39695402ec6e3007957bebf72bc55669 (patch)
tree	6129b5e0cd5b344690c595bc032c195eb1fad978
parent	9811c9fedc40bb6706fd30afee2ea6d9adbba054 (diff)
download	simple-pki-c6179a2a39695402ec6e3007957bebf72bc55669.tar.xz