chore: add SSL certificate renewal script

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

renew-ssl.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+# SSL 인증서 갱신 스크립트
+# 사용법: ./renew-ssl.sh /path/to/__yakenator_io.crt /path/to/__yakenator_io.ca-bundle
+#
+# 예시: ./renew-ssl.sh ~/Downloads/yakenator_io/__yakenator_io.crt ~/Downloads/yakenator_io/__yakenator_io.ca-bundle
+
+set -e
+
+SERVER="yakenator@10.0.0.3"
+REMOTE_CERT="/etc/nginx/ssl/yakenator.io.cert.pem"
+CRT_FILE="$1"
+BUNDLE_FILE="$2"
+
+if [ -z "$CRT_FILE" ] || [ -z "$BUNDLE_FILE" ]; then
+    echo "사용법: $0 <.crt 파일> <.ca-bundle 파일>"
+    echo "예시:   $0 ~/Downloads/yakenator_io/__yakenator_io.crt ~/Downloads/yakenator_io/__yakenator_io.ca-bundle"
+    exit 1
+fi
+
+if [ ! -f "$CRT_FILE" ]; then
+    echo "오류: $CRT_FILE 파일을 찾을 수 없습니다."
+    exit 1
+fi
+
+if [ ! -f "$BUNDLE_FILE" ]; then
+    echo "오류: $BUNDLE_FILE 파일을 찾을 수 없습니다."
+    exit 1
+fi
+
+echo "1) fullchain 생성 중..."
+TMPFILE=$(mktemp /tmp/yakenator.io.fullchain.XXXXXX.pem)
+{ cat "$CRT_FILE"; echo; cat "$BUNDLE_FILE"; } > "$TMPFILE"
+
+echo "2) 인증서 검증 중..."
+SUBJECT=$(openssl x509 -in "$CRT_FILE" -noout -subject 2>/dev/null)
+DATES=$(openssl x509 -in "$CRT_FILE" -noout -dates 2>/dev/null)
+echo "   $SUBJECT"
+echo "   $DATES"
+
+openssl verify -CAfile "$BUNDLE_FILE" "$CRT_FILE" > /dev/null 2>&1
+echo "   체인 검증: OK"
+
+echo "3) 서버에 업로드 중..."
+scp "$TMPFILE" "$SERVER:/tmp/yakenator.io.fullchain.pem"
+
+echo "4) 인증서 교체 및 Nginx 리로드..."
+ssh "$SERVER" "sudo cp /tmp/yakenator.io.fullchain.pem $REMOTE_CERT && sudo chmod 644 $REMOTE_CERT && sudo nginx -t && sudo systemctl reload nginx"
+
+echo "5) HTTPS 확인..."
+ISSUER=$(curl -sv https://web-inspector.yakenator.io 2>&1 | grep "issuer:" | head -1)
+echo "   $ISSUER"
+
+rm -f "$TMPFILE"
+echo ""
+echo "SSL 인증서 갱신 완료!"