ab-docker/ab-livereload
1
0
Fork 0
Code Issues Pull Requests Releases 7 Activity

feature(entrypoint): show loaded certificate

Browse Source 
- warn if private key missing
- change error return codes
This commit is contained in:
Asif Bacchus 2021-07-23 18:19:36 -06:00
parent 5ded2bc320
commit 3001dbca73
1 changed files with 27 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
build/entrypoint.sh
View File

@ -35,7 +35,24 @@ certificateGenerateNew() {
certificateShow() { certificateShow() {
printf "\nCurrently loaded certificate:\n" printf "\nCurrently loaded certificate:\n"
exit 0 certStatus="$(certificateCheckExist)"
case "$certStatus" in
noexist)
printf "[ERROR]: No certificate is loaded (certificate directory empty).\n\n"
exit 51
;;
noread_certificate)
printf "[ERROR]: Cannot read loaded certificate.\n\n"
exit 52
;;
noread_key)
printf "\n[WARNING]: Cannot find private key associated with certificate!\n\n"
;;
esac
if ! openssl x509 -noout -text -nameopt align,multiline -certopt no_pubkey,no_sigdump -in /certs/fullchain.pem; then
printf "\n[ERROR]: Unable to display loaded certificate.\n\n"
exit 52
fi
} }
convertCaseLower() { convertCaseLower() {
@ -92,12 +109,12 @@ if [ "$doServer" -eq 1 ]; then
noread_certificate) noread_certificate)
printf "[Checking mounted certificate]" printf "[Checking mounted certificate]"
printf "\nERROR: SSL/TLS mode selected but unable to read certificate!\n\n" printf "\nERROR: SSL/TLS mode selected but unable to read certificate!\n\n"
exit 51 exit 52
;; ;;
noread_key) noread_key)
printf "[Checking mounted certificate]" printf "[Checking mounted certificate]"
printf "\nERROR: SSL/TLS mode selected but unable to read private key!\n\n" printf "\nERROR: SSL/TLS mode selected but unable to read private key!\n\n"
exit 52 exit 53
;; ;;
ok) ok)
printf "[Certificate OK]\n" printf "[Certificate OK]\n"
@ -128,7 +145,10 @@ if [ "$doCertNew" -eq 1 ]; then
fi fi
# action: show loaded certificate # action: show loaded certificate
if [ "$doCertShow" -eq 1 ]; then certificateShow; fi if [ "$doCertShow" -eq 1 ]; then
certificateShow
exit 0
fi
# failsafe exit - terminate with code 99: this code should never be executed! # failsafe exit - terminate with code 99: this code should never be executed!
exit 99 exit 99
@ -138,8 +158,9 @@ exit 99
# 1: invalid or invalid parameter passed to script # 1: invalid or invalid parameter passed to script
# 2: interactive shell required # 2: interactive shell required
# 50: certificate errors # 50: certificate errors
# 51: unable to read certificate/chain # 51: certificate directory empty
# 52: unable to read private key # 52: unable to read certificate/chain
# 53: unable to read private key
# 55: unable to generate new certificate # 55: unable to generate new certificate
# 99: code error # 99: code error