From: Bernd Zeimetz <bernd@bzed.de>
Date: Tue, 22 Mar 2016 13:04:56 +0000 (+0100)
Subject: Keep registration information as json.
X-Git-Tag: v0.1.0~3^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d1e573c0371418bc68c189946aff0653c58acbde;p=thirdparty%2Fdehydrated.git

Keep registration information as json.

In some cases you need your registration id,
for example if you want to request a rate limit exception.
So keep the new-reg output on disk.
---

diff --git a/.gitignore b/.gitignore
index a8ac80f..64bb6a0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 private_key.pem
+private_key.json
 domains.txt
 config.sh
 hook.sh
diff --git a/config.sh.example b/config.sh.example
index 471339c..f122fed 100644
--- a/config.sh.example
+++ b/config.sh.example
@@ -36,6 +36,9 @@
 # Location of private account key (default: $BASEDIR/private_key.pem)
 #PRIVATE_KEY="${BASEDIR}/private_key.pem"
 
+# Location of private account registration information (default: $BASEDIR/private_key.json)
+#PRIVATE_KEY_JSON="${BASEDIR}/private_key.json"
+
 # Default keysize for private keys (default: 4096)
 #KEYSIZE="4096"
 
diff --git a/letsencrypt.sh b/letsencrypt.sh
index 1178a2a..a6057da 100755
--- a/letsencrypt.sh
+++ b/letsencrypt.sh
@@ -60,6 +60,7 @@ load_config() {
   HOOK_CHAIN="no"
   RENEW_DAYS="30"
   PRIVATE_KEY=
+  PRIVATE_KEY_JSON=
   KEYSIZE="4096"
   WELLKNOWN=
   PRIVATE_KEY_RENEW="no"
@@ -106,6 +107,7 @@ load_config() {
   [[ -d "${BASEDIR}" ]] || _exiterr "BASEDIR does not exist: ${BASEDIR}"
 
   [[ -z "${PRIVATE_KEY}" ]] && PRIVATE_KEY="${BASEDIR}/private_key.pem"
+  [[ -z "${PRIVATE_KEY_JSON}" ]] && PRIVATE_KEY_JSON="${BASEDIR}/private_key.json"
   [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="${BASEDIR}/.acme-challenges"
   [[ -z "${LOCKFILE}" ]] && LOCKFILE="${BASEDIR}/lock"
 
@@ -171,9 +173,9 @@ init_system() {
     [[ ! -z "${CA_NEW_REG}" ]] || _exiterr "Certificate authority doesn't allow registrations."
     # If an email for the contact has been provided then adding it to the registration request
     if [[ -n "${CONTACT_EMAIL}" ]]; then
-      signed_request "${CA_NEW_REG}" '{"resource": "new-reg", "contact":["mailto:'"${CONTACT_EMAIL}"'"], "agreement": "'"$LICENSE"'"}' > /dev/null
+      signed_request "${CA_NEW_REG}" '{"resource": "new-reg", "contact":["mailto:'"${CONTACT_EMAIL}"'"], "agreement": "'"$LICENSE"'"}' > "${PRIVATE_KEY_JSON}"
     else
-      signed_request "${CA_NEW_REG}" '{"resource": "new-reg", "agreement": "'"$LICENSE"'"}' > /dev/null
+      signed_request "${CA_NEW_REG}" '{"resource": "new-reg", "agreement": "'"$LICENSE"'"}' > "${PRIVATE_KEY_JSON}"
     fi
   fi