Skip to content

Commit

Permalink
letsencrypt-tlsa.sh fetch cross-signed certs only in full certificate…
Browse files Browse the repository at this point in the history 
… mode
  • Loading branch information
@oh2fih
oh2fih committed Jul 26, 2024
1 parent 4a4d4d7 commit d3fb658
Showing 1 changed file with 8 additions and 1 deletion.
9 changes: 8 additions & 1 deletion bin/letsencrypt-tlsa.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -101,11 +101,18 @@ fi

# Get URLs for the Subordinate (Intermediate) CAs, including backups

if (( SELECTOR == 1 )); then
# cross-signed certificates have the same public key
REGEX="/certs/[0-9]+/[0-9a-zA-Z]+.pem"
else
REGEX="/certs/[0-9]+/[0-9a-zA-Z]+(-cross)?.pem"
fi

INTERMEDIATE_PATHS=$(
curl --silent "${BASE_URL}${SOURCE}" \
| sed '/subordinate-intermediate-cas/d' \
| sed '/.summary.Retired..summary./q' \
| grep -oE "/certs/[0-9]+/[0-9a-zA-Z]+(-cross)?.pem"
| grep -oE "$REGEX"
)

if [ "$INTERMEDIATE_PATHS" = "" ]; then
Expand Down

0 comments on commit d3fb658

Please sign in to comment.