Jump to content

How to create a new p12 certificate for EmbyServer when Synology renews its Let's Encryption Certificate

MAX92

By MAX92
in Synology

 Share

Recommended Posts

MAX92

MAX92 74

Posted
Posted (edited)

Guide to have a script to create a new p12 certificate for EmbyServer when Synology renews its Let's Encryption Certificate.

#!/bin/sh

# CONFIGURATION

#script_folder=/volume2/Emby backup/Certificats à conserver
script_folder=/volume2/video
# p12 file
p12_file_path=$script_folder/certificate_auto.pfx
# Synology's Default Let's encrypt folder
letsencrypt_cert_folder=/usr/syno/etc/certificate/system/default
# renew timestamp
renew_timestamp=renew_emby_timestamp.txt
# p12 password
p12cert_password=EMBY


# DO NOT CHANGE BELOW UNLESS YOU'RE A WIZARD

generate_p12=false
current_date=`date +"%s"`
current_certificate_date=`openssl x509 -enddate -noout -in $letsencrypt_cert_folder/RSA-cert.pem | cut -d'=' -f2`
current_certificate_timestamp=`date -d "$current_certificate_date" +"%s"`

# check if the renew_timestamp file exists
if [ ! -f $script_folder/$renew_timestamp ]; then
  echo "Generate timestamp for the current renew date... "
  echo $current_certificate_timestamp > $script_folder/$renew_timestamp
  chmod +rw $script_folder/$renew_timestamp
  chown admin:users $script_folder/$renew_timestamp

  # generate the first p12 file
  generate_p12=true
else
  renew_date=`cat $script_folder/$renew_timestamp`
  # check if it is necessary to renew the certificate or not
  if expr "$current_date" ">" "$renew_date" > /dev/null; then
    # generate a new p12 file
    echo "Renewing certificate..."
    generate_p12=true

    # update timestamp in the file
    echo $current_certificate_timestamp > $script_folder/$renew_timestamp
  else
    echo "It is not necessary to renew the certificate, abort."
    exit 0
  fi
fi

# generate a new certificate file if necessary, and restart EMBY Server
if expr "$generate_p12" "=" "true" > /dev/null; then
  echo "Generating the p12 certificate file..."
  openssl pkcs12 -export -in $letsencrypt_cert_folder/RSA-fullchain.pem -inkey $letsencrypt_cert_folder/RSA-privkey.pem -out $p12_file_path -password pass:$p12cert_password
  chmod +r $p12_file_path
  chown admin:users $p12_file_path
  echo "Restarting EMBY Server..."
  synopkg restart EmbyServer
  echo "Done."
fi

Edited by MAX92
  • Like 1
Neminem

Neminem 774

Posted
Posted

Is this a guide or a question ?

MAX92

MAX92 74

Posted
  • Author
Posted

It is a guide, it's working fine !

Neminem

Neminem 774

Posted
Posted

Nice thanks for sharing 👍

Can you edit it so that it says it's a guide ?

MAX92

MAX92 74

Posted
  • Author
Posted
24 minutes ago, Neminem said:

Nice thanks for sharing 👍

Can you edit it so that it says it's a guide ?

Done !

  • Like 2

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...