I am trying to modify NGINX config file using sed. I wand to replace the values of ssl_certificate and ssl_certificate_key

config="/etc/nginx/httpd.conf"
certfile="server.pem"
keyfile="key.pem"

sed -i -e "s/\(ssl_certificate *\/etc\/pki\/nginx\/\).*/\1$certfile/" $config
sed -i -e "s/\(ssl_certificate_key *\/etc\/pki\/nginx\/private\/\).*/\1$keyfile/" $config

With the starting lines that I want to modify looking like this

ssl_certificate /etc/pki/nginx/selfsigned.crt;
ssl_certificate_key /etc/pki/nginx/private/selfsigned.key;
ssl_dhparam /etc/pki/nginx/dhparam.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

I end up with

ssl_certificate /etc/pki/nginx/server.pem
ssl_certificate_key /etc/pki/nginx/server.pem
ssl_dhparam /etc/pki/nginx/server.pem
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

What I am trying to achieve is to substitute selfsigned.crt with server.pem and selfsigned.key with key.pem to achieve

ssl_certificate /etc/pki/nginx/server.pem
ssl_certificate_key /etc/pki/nginx/key.pem
ssl_dhparam /etc/pki/nginx/dhparam.pem
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Please, advise. TIA

CodePudding user response：

Using sed

$ sed "/certificate/s|\(.*/\).*\(.$\)|\1$certfile\2|" input_file
ssl_certificate /etc/pki/nginx/server.pem;
ssl_certificate_key /etc/pki/nginx/private/server.pem;
ssl_dhparam /etc/pki/nginx/dhparam.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Match lines with certificate and carry out the substitution on those lines.

CodePudding user response：

I got it:

cat /etc/nginx/httpd.conf | sed -e "s/\(ssl_certificate *\/etc\/pki\/nginx\/\).*/\1$certfile/" -e "s/\(ssl_certificate_key *\/etc\/pki\/nginx\/private\/\).*/\1$keyfile/"

server {
    listen 443 default_server ssl;
    server_name _;
    root /usr/share/nginx/html;


    ssl_certificate /etc/pki/nginx/server.pem
    ssl_certificate_key /etc/pki/nginx/private/key.pem
    ssl_dhparam /etc/pki/nginx/dhparam.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;