fixes #3359

Ubiquiti removed keytool (and java) from recent releases of Unifi OS. This moves from keytool to openssl's native pkcs12. Tested on Unifi Dream Machine which runs Unifi OS and a built-in Unifi controller. Also added backup of existing files prior to change in case anything goes wrong, and update system configuration with compatible ciphers.
2026-01-15 12:52:13 +08:00 · 2024-08-15 11:25:23 -04:00
parent bc90376489
commit d8637b2c0f
161 changed files with 2083 additions and 1415 deletions
--- a/dnsapi/dns_opnsense.sh
+++ b/dnsapi/dns_opnsense.sh
@@ -1,16 +1,16 @@
 #!/usr/bin/env sh
-
-#OPNsense Bind API
-#https://docs.opnsense.org/development/api.html
-#
-#OPNs_Host="opnsense.example.com"
-#OPNs_Port="443"
-# optional, defaults to 443 if unset
-#OPNs_Key="qocfU9RSbt8vTIBcnW8bPqCrpfAHMDvj5OzadE7Str+rbjyCyk7u6yMrSCHtBXabgDDXx/dY0POUp7ZA"
-#OPNs_Token="pZEQ+3ce8dDlfBBdg3N8EpqpF5I1MhFqdxX06le6Gl8YzyQvYCfCzNaFX9O9+IOSyAs7X71fwdRiZ+Lv"
-#OPNs_Api_Insecure=0
-# optional, defaults to 0 if unset
-# Set 1 for insecure and 0 for secure -> difference is whether ssl cert is checked for validity (0) or whether it is just accepted (1)
+# shellcheck disable=SC2034
+dns_opnsense_info='OPNsense Server
+Site: docs.opnsense.org/development/api.html
+Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_opnsense
+Options:
+ OPNs_Host Server Hostname. E.g. "opnsense.example.com"
+ OPNs_Port Port. Default: "443".
+ OPNs_Key API Key
+ OPNs_Token API Token
+ OPNs_Api_Insecure Insecure TLS. 0: check for cert validity, 1: always accept
+Issues: github.com/acmesh-official/acme.sh/issues/2480
+'

 ########  Public functions #####################
 #Usage: add _acme-challenge.www.domain.com "123456789ABCDEF0000000000000000000000000000000000000"