diff --git a/nodemgmt-scripts.sh b/nodemgmt-scripts.sh index 64397982..271ba95f 100755 --- a/nodemgmt-scripts.sh +++ b/nodemgmt-scripts.sh @@ -1960,21 +1960,31 @@ VCENTER-SSL(){ echo -en "${idsCL[LightCyan]}Updating certificate on vCenter... ${idsCL[Default]}" - rm -f $CERTDIR/fullcert.pem - cat $CERTDIR/cert.pem > $CERTDIR/fullcert.pem - cat $CERTDIR/chain.pem >> $CERTDIR/fullcert.pem - cat $BASECERTDIR/isrgrootx1.pem >> $CERTDIR/fullcert.pem + + # eval $(awk '{ print "export " $1 }' /etc/sysconfig/vmware-environment) + + CERT=/root/.acme.sh/$VCHOSTNAME/$VCHOSTNAME.cer + KEY=/root/.acme.sh/$VCHOSTNAME/$VCHOSTNAME.key + CHAIN=/root/.acme.sh/$VCHOSTNAME/fullchain.cer + + scp /opt/nginx-proxy/ssl/$VCHOSTNAME/cert.pem root@${VCHOSTNAME}:$CERT + scp /opt/nginx-proxy/ssl/$VCHOSTNAME/privkey.pem root@${VCHOSTNAME}:$KEY + scp /opt/nginx-proxy/ssl/$VCHOSTNAME/fullchain.pem root@${VCHOSTNAME}:$CHAIN + + # ssh root@$VCHOSTNAME "(printf '1\n%s\n' '$ADMINACCOUNT'; sleep 1; printf '%s\n' '$ADMINPASS'; sleep 1; printf '2\n'; sleep 1; printf '%s\n%s\n%s\ny\n\n' '$CERT' '$KEY' '$CHAIN') | setsid /usr/lib/vmware-vmca/bin/certificate-manager" - SESSION_ID=$(curl -s -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'vmware-use-header-authn: test' --header 'vmware-api-session-id: null' -u $CRED "$SERVER/rest/com/vmware/cis/session" --insecure | python3 -c "import sys, json; print(json.load(sys.stdin)['value'])") - PRIVKEY=$(awk -v ORS='\\n' '1' "$CERTDIR/privkey.pem") - CERT=$(awk -v ORS='\\n' '1' "$CERTDIR/fullcert.pem") - REQUEST_BODY="{ \"spec\" : { \"cert\" : \"$CERT\", \"key\" : \"$PRIVKEY\" } }" - curl --insecure -X PUT "$SERVER/rest/vcenter/certificate-management/vcenter/tls" \ - -H "vmware-api-session-id: $SESSION_ID" \ - -H "Content-type: application/json" \ - -d "$REQUEST_BODY" - curl --insecure -X DELETE "$SERVER/rest/com/vmware/cis/session" -H "vmware-api-session-id: $SESSION_ID" + + # SESSION_ID=$(curl -s -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'vmware-use-header-authn: test' --header 'vmware-api-session-id: null' -u $CRED "$SERVER/rest/com/vmware/cis/session" --insecure | python3 -c "import sys, json; print(json.load(sys.stdin)['value'])") + # PRIVKEY=$(awk -v ORS='\\n' '1' "$CERTDIR/privkey.pem") + # CERT=$(awk -v ORS='\\n' '1' "$CERTDIR/fullcert.pem") + # REQUEST_BODY="{ \"spec\" : { \"cert\" : \"$CERT\", \"key\" : \"$PRIVKEY\" } }" + # curl --insecure -X PUT "$SERVER/rest/vcenter/certificate-management/vcenter/tls" \ + # -H "vmware-api-session-id: $SESSION_ID" \ + # -H "Content-type: application/json" \ + # -d "$REQUEST_BODY" + # curl --insecure -X DELETE "$SERVER/rest/com/vmware/cis/session" -H "vmware-api-session-id: $SESSION_ID" + echo -e "${idsCL[Green]}Done${idsCL[Default]}" echo