diff options
Diffstat (limited to 'check-certificates')
| -rw-r--r-- | check-certificates | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/check-certificates b/check-certificates index 2bf2443..8a06f8b 100644 --- a/check-certificates +++ b/check-certificates @@ -49,11 +49,20 @@ $WaitFullyConnected; /tool/fetch check-certificate=yes-without-crl \ ($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value; $WaitForFile $CertFileName; + + :local DecryptionFailed true; :foreach PassPhrase in=$CertRenewPass do={ - /certificate/import file-name=$CertFileName passphrase=$PassPhrase as-value; + :local Result [ /certificate/import file-name=$CertFileName passphrase=$PassPhrase as-value ]; + :if ($Result->"decryption-failures" = 0) do={ + :set DecryptionFailed false; + } } /file/remove [ find where name=$CertFileName ]; + :if ($DecryptionFailed = true) do={ + $LogPrintExit2 warning $0 ("Decryption failed for certificate file " . $CertFileName) false; + } + :foreach CertInChain in=[ /certificate/find where name~("^" . $CertFileName . "_[0-9]+\$") common-name!=($CertVal->"common-name") ] do={ $CertificateNameByCN [ /certificate/get $CertInChain common-name ]; } |