SSL Certificate update commande line

    • OMV 4.x
    • Resolved

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • SSL Certificate update commande line

      New

      Hi everybody!

      I'm looking for the command line that may let me import ssl certificate without using the GUI:

      At the moment my Firewall generate my SSL certificate. I already have a working script running on OMV to import this certificate and put it everywhere i need it to be (dockers mainyl)

      I dont want to struggle changing the ssl cerificate used by OMV services (as omv web GUI, nginx) every 3 month :)

      i see 2 options:

      1: theres an OMV command line to import certificates using whatever format, create the UUID as documantation want it, restart the web GUI

      2: I import the certificate as the existing UUID (overwriting the existanting SSL certificates)

      Thanks in advance for your help!
    • New

      Here is a method to update an existing cert:

      Get the UUID for an existing cert with:
      sudo omv-confdbadm read "conf.system.certificate.ssl" | jq -r '.[] | "\(.uuid) \(.comment)"'

      Once you have that, the following script should update it in the database. You will just need to adjust the four variables at the top of the script.

      Shell-Script

      1. #!/bin/bash
      2. . /usr/share/openmediavault/scripts/helper-functions
      3. certificateFile="/etc/letsencrypt/live/test/cert.pem"
      4. privateKeyFile="/etc/letsencrypt/live/test/privkey.pem"
      5. certUuid="757f842e-faf0-11e8-a284-3a6331353066"
      6. comment="test"
      7. function json_escape()
      8. {
      9. echo -n "$1" | python -c 'import json,sys; print json.dumps(sys.stdin.read())'
      10. }
      11. # read and format cert
      12. certkey=$(cat ${certificateFile})
      13. certkey=$(json_escape "${certkey}")
      14. # read and format private key
      15. privkey=$(cat ${privateKeyFile})
      16. privkey=$(json_escape "${privkey}")
      17. # change config
      18. rpcparams={"\"uuid\":\"${certUuid}\", \"certificate\":${certkey}, \"privatekey\":${privkey}, \"comment\":\"${comment}\""}
      19. omv-rpc "CertificateMgmt" "set" "${rpcparams}"
      20. # apply configuration changes
      21. omv_exec_rpc "Config" "applyChanges" "{\"modules\":[\"certificatemgmt\"],\"force\":false}"
      22. omv_exec_rpc "Config" "applyChanges" "{\"modules\":[],\"force\":false}"
      23. exit 0
      Display All
      omv 4.1.14 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.13
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • New

      Thanks Ryecoaaron!

      Sorry but im getting an error:

      root@nas:~# sudo bash /root/crtrenewtest.sh
      /root/crtrenewtest.sh: ligne 3: /usr/share/openmediavault/scripts/helper-functions: Aucun fic hier ou dossier de ce type
      {"uuid":"xxxxxxxxxxxxxxxxxxxx","certificate":"-----BEGIN CERTIFICATE---------END CERTIFICATE-----","privatekey":"-----BEGIN RSA PRIVATE KEY--- ------END RSA PRIVATE KEY-----","comment":"let's encrypt ssl "}
      /root/crtrenewtest.sh: ligne 28: omv_exec_rpc : commande introuvable
      /root/crtrenewtest.sh: ligne 29: omv_exec_rpc : commande introuvable

      Am i doing something wrong?

      EDIT: Indeed working :Script encoding Format problem :-/

      The post was edited 4 times, last by antipiot ().