如何从 httpd.conf apache 导出 ssl 密钥、crt 和 CA 以将其用于所有用户的 nginx

Question

使用自定义设置，将 nginx 用作带有 cpanel 的 Web 引擎 需要命令导出 ssl 文件以将其用于 nginx

cpanel 现在使用由 Comodo 提供支持的 AutoSSL 免费提供，并会在任何用户域 ssl 过期时自动续订

例子httpd.conf

<VirtualHost 4xx30:4433>
  ServerName xnxxsch.com
  <IfModule ssl_module>
 SSLCertificateFile /var/cpanel/ssl/installed/certs/xnh_com_d98c5_67ca3_150707$
    SSLCertificateKeyFile /var/cpanel/ssl/installed/keys/d98c5_67ca3_76c14a301e0260891bbe91504$
    SSLCACertificateFile /var/cpanel/ssl/installed/cabundles/cPanel_Inc__681917bfb43af6b642178$
  </IfModule>
</VirtualHost>

<VirtualHost 46.xx30:4433>
  ServerName xxxh.com
  <IfModule ssl_module>
 SSLCertificateFile /var/cpanel/ssl/installed/certs/xnah_com_d98c5_67ca3_150707$
    SSLCertificateKeyFile /var/cpanel/ssl/installed/keys/d98c5_67ca3_76c14a301e0260891bbe91504$
    SSLCACertificateFile /var/cpanel/ssl/installed/cabundles/cPanel_Inc__681917bfb43af6b642178$
  </IfModule>
</VirtualHost>

需要导出每个域 (ServerName)

作为两个文件

SSLCertificateKeyFile as ServerName.key

和

SSLCertificateFile+ SSLCACertificateFile as ServerName.crt

来自 ssh

和

grep 'ServerName' /etc/apache2/conf/httpd.conf

i export 都需要在循环中使用

获取其下的SSLCertificateKeyFile

并将名称为 servername.crt 的文件复制到 /etc/nginx/ssl/

Answer 1

我敢肯定一些效率狂会对此感到窒息，但它应该有效：

#!/bin/bash
# Look for ServerName, and extract the value.  Loop over results.
for server in $( grep ServerName httpd.conf | sed 's/.*ServerName\s*//' ); do
    echo $server
    # Pull out the block of XML for that server
    block=$( grep -A5 "$server" httpd.conf)

    # Extract file names from the XML block
    SSLCertificateFile=$( echo "$block" | sed -n 's/.*SSLCertificateFile\s*//p')
    SSLCertificateKeyFile=$( echo "$block" | sed -n 's/.*SSLCertificateKeyFile\s*//p')
    SSLCACertificateFile=$( echo "$block" | sed -n 's/.*SSLCACertificateFile\s*//p')

    # Create files
    cp "$SSLCertificateKeyFile" "${server}.key"
    cat "$SSLCertificateFile" "$SSLCACertificateFile" > "${server}.crt"
done
# end of loop