Skip to content

Instantly share code, notes, and snippets.

@colindekker

colindekker/certbot-authhook-az-cli-demo-use.sh

Created August 12, 2019 22:50
Show Gist options
  • Save colindekker/6f07a5cc50c33aa98ef413b58146039a to your computer and use it in GitHub Desktop.
Save colindekker/6f07a5cc50c33aa98ef413b58146039a to your computer and use it in GitHub Desktop.
Download ZIP
Raw
certbot-authhook-az-cli-demo-use.sh
wget https://gist.githubusercontent.com/colindekker/20d00ddbc08bca34b6b30da191d0c60a/raw/certbot-authhook-az-cli-annotated.sh
AZURE_ACCOUNT=certbottest
AZURE_DNS_GROUP=networking
AZURE_DNS_ZONE=domain.tld
AZURE_DNS_DOMAIN=subdomain.domain.tld
AZURE_WEBAPP=subdomainapp
AZURE_WEBAPP_GROUP=subdomainapp
PFX_PASSWORD=password
sudo certbot-auto certonly --manual --manual-public-ip-logging-ok \
--manual-auth-hook "certbot-authhook-az-cli-annotated.sh create ${AZURE_ACCOUNT} ${AZURE_DNS_GROUP} ${AZURE_DNS_ZONE}" \
--manual-cleanup-hook "certbot-authhook-az-cli-annotated.sh create ${AZURE_ACCOUNT} ${AZURE_DNS_GROUP} ${AZURE_DNS_ZONE}" \
--preferred-challenges dns -d "*.${AZURE_DNS_DOMAIN}"
sudo openssl pkcs12 -export \
-name "${AZURE_DNS_DOMAIN}" \
-in "/etc/letsencrypt/live/${AZURE_DNS_DOMAIN}/fullchain.pem" -out "${AZURE_DNS_DOMAIN}.pfx" \
-inkey "/etc/letsencrypt/live/${AZURE_DNS_DOMAIN}/privkey.pem"
sudo chown "${AZURE_DNS_DOMAIN}.pfx"
THUMBPRINT=$(az webapp config ssl upload --certificate-file "${AZURE_DNS_DOMAIN}.pfx" --certificate-password "${PFX_PASSWORD}" --name $AZURE_WEBAPP --resource-group $AZURE_WEBAPP_GROUP --query thumbprint --output tsv)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment