+function check_error {
+ cat > $folder/page_output
+ cat $folder/page_output >> $folder/log
+ if grep -q "error-msgs" $folder/page_output; then
+ cat $folder/page_output
+ exit 1
+ fi
+}
+
+function issue {
+ curl=$1
+ shift
+ options=$1
+ shift
+ csrf=$($curl "account/certs/new" | csrf "head -n 1")
+
+ openssl req -newkey rsa:4096 -subj "/CN=blabla" -nodes -out $folder/req -keyout $folder/priv
+ encoded=$(tr '\n' '?' < $folder/req | sed "s/=/%3D/g;s/+/%2B/g;s/\?/%0A/g")
+
+ $curl account/certs/new -d "CSR=$encoded&process=Next&csrf=$csrf" | check_error
+
+ serial=$($curl account/certs/new "$@" -d "$options&OU=&hash_alg=SHA256&validFrom=now&validity=2y&login=1&description=&process=Issue+Certificate&csrf=$csrf" -v 2>&1 | tee $folder/certlog | grep "< Location: " | sed "s_.*/\([a-f0-9]*\)[^0-9]*_\1_")
+ echo "Certificate: $serial"
+ if [[ $serial != "" ]]; then
+ echo "installing"
+ $curl "account/certs/$serial.crt?chain&noAnchor" > $folder/cert.crt
+ $curl "account/certs/$serial.crt" > $folder/onlycert.crt
+ return 0;
+ else
+ return 1;
+ fi
+}
+