.unraid.net response_complete(406, '{"error":"'._('Cannot provision cert that would overwrite your existing custom cert at').' /boot/config/ssl/certs/certificate_bundle.pem"}'); } exec("/usr/bin/openssl x509 -checkend 2592000 -noout -in /etc/ssl/certs/unraid_bundle.pem",$arrout,$retval_expired); if ($retval_expired === 0) { if ($cli) exit(0); // not within 30 days of cert expire date response_complete(406, '{"error":"'._('Cannot renew cert until within 30 days of expiry').'"}'); } } $keyfile = @file_get_contents($var['regFILE']); if ($keyfile === false) { if ($cli) exit(0); response_complete(406, '{"error":"'.('License key required').'"}'); } $keyfile = @base64_encode($keyfile); $internalip = $eth0['IPADDR:0']; $internalport = $var['PORTSSL']; $ch = curl_init('https://keys.lime-technology.com/account/ssl/provisioncert'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, [ 'internalip' => $internalip, 'internalport' => $internalport, 'keyfile' => $keyfile ]); $result = curl_exec($ch); $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); // go ahead and save the cert then reload nginx for cli if ($cli) { $json = @json_decode($result,true); if (empty($json['bundle'])) { $strError = _('Server was unable to provision SSL certificate'); if (!empty($json['error'])) { $strError .= ' - '.$json['error']; } response_complete(406, '{"error":"'.$strError.'"}'); } $_POST['text'] = $json['bundle']; // nice way to leverage CertUpload.php to save the cert include(__DIR__.'/CertUpload.php'); exec("/etc/rc.d/rc.nginx reload"); } response_complete($httpcode, $result, _('LE Cert Provisioned successfully')); ?>