- Timestamp:
- 2018-09-03T18:30:29+12:00 (6 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/build.xml
r32422 r32423 1638 1638 <echo> 1639 1639 NOTE: To run this target, 1640 * you need to have sudo permissions. Enter the sudo password if prompted.1641 * ensure nothing is running on port 80.1640 * ensure nothing is running on port 80. 1641 * if you're on Linux, you need to have sudo permissions. Enter the sudo password if prompted. 1642 1642 1643 1643 If you want your cronjob to renew a certificate, you can add pre and post hooks … … 1646 1646 ./path/to/GS3/bin/linux/certbot-auto --help renew 1647 1647 </echo> 1648 <exec executable="./certbot-auto" dir="${basedir}/bin/${os.bin.dir}" failonerror="true">1648 <exec executable="./certbot-auto" osfamily="unix" dir="${basedir}/bin/${os.bin.dir}" failonerror="true"> 1649 1649 <arg value="renew"/> 1650 1650 <arg value="--quiet"/> 1651 1651 <arg value="--no-self-upgrade"/> 1652 1652 </exec> 1653 1654 <!-- For rewewal on Windows, need to re-run the original (issuance) command and append "min-min-renew XX" to it, 1655 where if it's within XX days of expiry, the certificate will get renewed. 1656 See https://zerossl.com/usage.html#Certificate_renewal --> 1657 <if><bool><istrue value="${current.os.iswindows}"/></bool> 1658 1659 <input addproperty="https.other.domains">Enter a comma separated list of additional domains besides tomcat.server=${tomcat.server} that you registered on issuance, if any</input> 1660 <condition property="https.cert.domains" value="${tomcat.server},${https.other.domains}" else="${tomcat.server}"> 1661 <and> 1662 <isset property="https.other.domains" /> 1663 <not><matches string="${https.other.domains}" pattern="^\s*$"/></not> 1664 </and> 1665 </condition> 1666 <antcall target="setup-https-cert-windows"> 1667 <param name="https.cert.renewal" value="--renew 10"/> 1668 </antcall> 1669 </if> 1653 1670 </target> 1654 1671 … … 1660 1677 <target name="remove-https-cert" depends="check-os-for-https-cert-support"> 1661 1678 <echo> 1662 NOTE: You need to have sudo permissions to execute this target.1679 NOTE: If you're on Linux, you need to have sudo permissions to execute this target. 1663 1680 Enter the sudo password if prompted. 1664 1681 </echo> … … 1746 1763 <target name="setup-https-cert" depends="check-os-for-https-cert-support,setup-https-cert-info,https-conditions-set"> 1747 1764 <input addproperty="https.cert.email">Enter an email that Let's Encrypt, the certification authority, can send any important notifications to</input> 1748 <input addproperty="https.other.domains">Besides tomcat.server=${tomcat.server}, you may enter a comma separated list of additional domains to supportif any</input>1765 <input addproperty="https.other.domains">Besides tomcat.server=${tomcat.server}, enter a comma separated list of additional domains to support, if any</input> 1749 1766 <input addproperty="https.cert.agree" validargs="y,n">You've read the Let's Encrypt Subscriber Agreement at https://letsencrypt.org/repository/ and agree</input> 1750 1767 <if> … … 1771 1788 <echo>Proceeding...</echo> 1772 1789 <if><bool><istrue value="${current.os.iswindows}"/></bool> 1773 <antcall target="setup-https-cert-windows"/> 1790 <antcall target="setup-https-cert-windows"> 1791 <param name="https.cert.renewal" value=""/><!-- for cert issuance, there are none of the additional parameters specific to cert renewal --> 1792 </antcall> 1774 1793 </if> 1775 1794 <if><bool><istrue value="${current.os.isunixnotmac}"/></bool> … … 1782 1801 1783 1802 <target name="setup-https-cert-windows"> 1803 1784 1804 <echo>********** The included tomcat will be stopped, then restarted on port 80 and stopped again</echo> 1785 1805 … … 1820 1840 <arg value="--csr" /><arg value="${packages.home}\tomcat\conf\https_cert\${tomcat.server}.csr" /> 1821 1841 <arg value="--csr-key" /><arg value="${packages.home}\tomcat\conf\https_cert\${tomcat.server}.key" /> 1822 <!--<arg value="==crt" /><arg value="${packages.home}\tomcat\conf\https_cert\${tomcat.server}.crt" />--> 1842 <!--<arg value="==crt" /><arg value="${packages.home}\tomcat\conf\https_cert\${tomcat.server}.crt" />--> 1823 1843 <arg value="--crt" /><arg value="${packages.home}\tomcat\conf\https_cert\fullchain_and_prvtkey.crt" /> 1824 1844 <arg value="--domains" /><arg value="${https.cert.domains}" /> … … 1828 1848 <arg line="${https.testing}" /><!-- minus-minus-live if not testing, empty if testing. https://stackoverflow.com/questions/11840284/pass-arguments-to-apache-ant-exec-task-based-on-the-variables-value --> 1829 1849 <arg value="--export-pfx" /><arg value="${keystore.pass}" /> 1850 <arg line="${https.cert.renewal}" /><!-- rewew command on windows appends min-min-renew XX, where if the day the renewal is run is XX days within expiry, the certificate will get renewed. --> 1830 1851 </exec> 1831 1852 … … 1839 1860 <param name="https.comment.out.end" value="${comment.end}"/> 1840 1861 </antcall> 1841 1842 1862 1843 1863 </target>
Note:
See TracChangeset
for help on using the changeset viewer.