0

I'm working on automating the certificate renewal and installation in my web apps. This particular one is qBittorrent. It stores the SSL certificate/private key in a config file, like so

...
WebUI\AuthSubnetWhitelistEnabled=false
WebUI\HTTPS\Certificate=@ByteArray(-----BEGIN CERTIFICATE-----\n0GCSqGSIb3DQEBCwUA\nMEoxCzAQaih7W\n-----END CERTIFICATE-----)
WebUI\HTTPS\Enabled=true
WebUI\HTTPS\Key="@ByteArray(-----BEGIN PRIVATE KEY-----\nFAASdoONpV\nBvX+hUcjAne0PkZV9d7NG1QvipW+MPa4N12i+aRmwK\nhACATS21MMnBFTRGSfzwLy4=\n-----END PRIVATE KEY-----)"
WebUI\LocalHostAuth=true
...

I need to be able to parse the file and replace the certificate and private key strings. After spending a few days on this, I got close

sed -i -E "s/(WebUI\\\\HTTPS\\\\Certificate=@ByteArray\().+(\))/\1foo\2/g" /home/qbtuser/.config/qBittorrent/qBittorrent.conf

This works and replaces the certificate string with foo. However, when I read the actual cert from a file and substitute it, it fails:

cert=$(<$certPath)
sed -i -E "s/(WebUI\\\\HTTPS\\\\Certificate=@ByteArray\().+(\))/\1${cert}\2/g" /home/qbtuser/.config/qBittorrent/qBittorrent.conf
sed: -e expression #1, char 78: unterminated `s' command

Apparently it doesn't like newlines in the certificate file. If I set the cert to one-line value like foo, it works. But multiline doesn't work.

How do I make this work?

tyros
  • 1
  • 1
  • You could use `tr`to replace new lines and then sed it – Mansuro May 04 '18 at 21:31
  • Mind sharing a code example? I'm new – tyros May 04 '18 at 21:35
  • This question https://stackoverflow.com/a/1252191/612920 might help a bit – Mansuro May 04 '18 at 21:37
  • I looked at that one, doesn't help. How exactly do I apply it here? – tyros May 04 '18 at 21:51
  • @Mansuro I've tried replacing newlines with \n `cert=$(sed -E ':a;N;$!ba;s/\r{0,1}\n/\\n/g' $certPath)` and it still doesn't work. I'm about to give up. – tyros May 04 '18 at 23:17
  • Try the solution in the other answer, using tr – Mansuro May 04 '18 at 23:18
  • @Mansuro I tried, but I don't know how to use it. The example in the thread is removing newlines which is not what I need. The problem is the base64 certificate contains a whole bunch of special characters (/+) that probably need to be escaped too. I just need it to treat the whole `cert` variable as literal – tyros May 04 '18 at 23:50
  • What's in the certificate, and how do you want the config file to look afterward? – Beta May 05 '18 at 21:29
  • @Beta this is the certificate (I redacted it obviously, it's longer) `-----BEGIN CERTIFICATE-----\n0GCSqGSIb3DQEBCwUA\nMEoxCzAQaih7W\n-----END CERTIFICATE-----` and I want to replace it with another one. basically, I need to replace the entire string in parenthesis. The config file will look the same, just with the certificate and private key strings replaced – tyros May 06 '18 at 16:26
  • @Beta here's a simplified base case scenario: I have a text file file with line breaks, I put it in a variable `cert` and I want to be able to use that variable inside `sed`: `sed -i -E "s/(foo).+(bar)/\1${cert}\2/"`. The problem is line breaks inside of `cert` variable. If `sed` is not the right tool to accomplish this, please point me in the right direction. – tyros May 06 '18 at 16:33
  • Solved by python ConfigParser module using this script: https://superuser.com/a/1222543 – tyros Jun 23 '18 at 02:26

1 Answers1

0

Try this:

certificate=$(sed ':a;N;$!ba;s/\n//g' certificateFile);
sed -i -E "s/(WebUI\\\\HTTPS\\\\Certificate=@ByteArray\().+(\))/\1$certificate\2/g" targetFile
Vagelis Prokopiou
  • 2,285
  • 19
  • 14
  • Thanks, I was able to solve it by using a python script from here: https://superuser.com/a/1222543 – tyros Jun 23 '18 at 02:24