haproxy deploy script now compatible with OpenSSL v1.1+
The OpenSSL OCSP request for haproxy deployment breaks from OpenSSL v1.1.0 on.
The format of the `-header` option has been changed and does now contain a `=` instead of a whitespace.
Other projects have hit the same issue:
https://github.com/nghttp2/nghttp2/issues/742
This commit determines the OpenSSL/LibreSSL version and then adjusts the request accordingly.
Also removed the duplicate command line and added some more debug output.
This allows you to update a key on a Synology DSM using the existing API.
Handles restarting the necessary services the certificate is attached to and all other internal stuff (copying the certificate around, etc.)
This is way less error prone than most articles I've found on how to update a Synology DSM certificate.
* support jdcloud.com
* fix format
* ttl 3000
* Escape slashes (#2375)
* Change 1.1.1.1 to 1.0.0.1 to probe compatibility (#2330)
As we can see, 1.1.1.1 is not routed or routed to an Intranet devices due to historical reason. Change 1.1.1.1 to 1.0.0.1 will have a better compatibility. I found this problem on my Tencent Cloud server.
* check empty id
* fix error
* Add dnsapi for Vultr (#2370)
* Add Vultr dns api
* PushOver notifications (#2325)
* PushOver notifications, using AppToken, UserKey, and optional sounds
* fix errors
* added dns api support for hexonet (#1776)
* update
* minor
* support new Cloudflare Token format
fix https://github.com/Neilpang/acme.sh/issues/2398
* fix wildcard domain name
* add more info
* fix https://github.com/Neilpang/acme.sh/issues/2377
* fix format
* fix format
* implement basic haproxy deploy
HAProxy requires the certificate chain and key to be concatenated and placed somewhere (can be anywhere). This script expects a single environment variable with the path where the concatenated PEM file should be written
* add docs for HAProxy deployment
* Add conditional check to ensure path is provided
* remove whitespace
* remove more whitespace (trying to get TravisCI working)
* add reload
* update for POSIX compliance
* add documentation for reload command
* Update haproxy deploy hook
Add functionality to add OCSP stapling info (.ocsp file), issuer (.issuer file) and multi-cert bundles (suffix on pem file based on key type).
This also corrects the order of key, certificate and intermediate in the PEM file, which although HAProxy does not seem to care, was incorrect in the prior version.
* Document updated haproxy deploy hook
* Fix variable name
* whitespace fixes
* Support HAPROXY_DEPLOY_PEM_PATH
Adds compatibility to original haproxy deploy hook while still allowing custom PEM file name (via HAPROXY_DEPLOY_PEM_NAME)
* update for new haproxy deploy vars
* Fix return from reload
* Fix Le_Keylength case
* Update cert suffix for bundles .ocsp generation
* Whitepspace
* Change default for reload
* Readme update
* Actually set reload default
* Fix README.md confict
