A fake LetsEncrypt simulator for use in testing inside isolated environments. Creates self signed certs instead of real ones.

certbot-auto-fake

#!/bin/bash -ue

################################################################################
# Simulates the certificate files that LetsEncrypt creates, creating self signed ones instead
# Ignores all arguments except the last one, which is assumed to be your FQDN.
################################################################################

if [ $# -lt 1 ]; then
  >&2 echo "I need at least a FQDN to do anything."
  exit 1
fi

# This hack just picks out the last argument provided to the script.
for FQDN; do true; done
echo "FQDN: $FQDN"

# Make the dirs we need.
mkdir -pv /etc/letsencrypt/{archive,live}/${FQDN}

# Create a cert + key, and put files in place
SELF_KEY=/etc/letsencrypt/archive/${FQDN}/privkey.pem
SELF_CERT=/etc/letsencrypt/archive/${FQDN}/cert.pem
( set -x && openssl req -x509 -nodes -days 60 -newkey rsa:2048 -keyout "$SELF_KEY" -out "$SELF_CERT" -subj "/C=CA/ST=British Columbia/L=Kelowna/O=Snake Oil Inc/OU=IT Department/CN=${FQDN}" )
cp -v $SELF_CERT /etc/letsencrypt/archive/${FQDN}/chain.pem
cp -v $SELF_CERT /etc/letsencrypt/archive/${FQDN}/fullchain.pem

# Create links for the the "Live" versions
for WHAT in cert chain fullchain privkey; do
  LINK=/etc/letsencrypt/live/${FQDN}/${WHAT}.pem
  REAL=/etc/letsencrypt/archive/${FQDN}/${WHAT}.pem
  ln -sv "$REAL" "$LINK"
done

echo "OK"