@bdemers
Created May 4, 2020 19:38
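#!/usr/bin/env bash
# Deploy hook (invoked as ./okta.sh by certbot): uploads the renewed certificate to Okta.
# certbot sets RENEWED_LINEAGE to the live directory of the renewed certificate.
# Requires the `yq` (the jq-wrapper `yq`, hence `jq`) and `http` (HTTPie) CLI tools.
set -euo pipefail

# $1 is the Okta admin base URL given on the --deploy-hook command line
API_URL="${1:?usage: okta.sh <okta-admin-base-url>}/api/internal/v1/custom-url-domain/certificate"
echo "RENEWED_LINEAGE: ${RENEWED_LINEAGE}"

# Read the API token from the local Okta config file
OKTA_API_TOKEN=$(yq --raw-output .okta.client.token ~/.okta/okta.yaml)
CERT=$(cat "${RENEWED_LINEAGE}/cert.pem")
KEY=$(cat "${RENEWED_LINEAGE}/privkey.pem")
CHAIN=$(cat "${RENEWED_LINEAGE}/chain.pem")

echo "Updating Okta Certs"
# The token and private key are passed as arguments here, so they are visible in
# the process list to other local users while the request runs.
http POST "${API_URL}" "Authorization: SSWS ${OKTA_API_TOKEN}" \
  publicCertContent="${CERT}" \
  privateKeyContent="${KEY}" \
  certChainContent="${CHAIN}"
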
#!/usr/bin/env bash
# Requests the certificate with a DNS challenge; the auth and cleanup hooks create
# and delete the challenge record, and the deploy hook uploads the result to Okta.
# NOTE the `-admin` in the okta domain below
certbot --config-dir etc/letsencrypt \
  --work-dir work \
  --logs-dir logs \
  certonly \
  --manual \
  --manual-public-ip-logging-ok \
  --manual-auth-hook "./custom_dns_provider.sh create" \
  --manual-cleanup-hook "./custom_dns_provider.sh delete" \
  --deploy-hook "./okta.sh https://dev-123456-admin.okta.com" \
  --preferred-challenges dns \
  -d id.example.com