Created
February 1, 2022 15:46
-
-
Save dfar-io/7c2407576214aa50295eb5e6ef35d3eb to your computer and use it in GitHub Desktop.
Creates a PFX cert using Let's Encrypt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Creates a PFX certificate using CertBot | |
# exit when any command fails | |
set -e | |
if [ "$1" == "" ] || [ "$2" = "" ] | |
then | |
echo "Usage: pfxcert <domain> <output_filename>" | |
exit 1 | |
fi | |
certbot --text --agree-tos certonly \ | |
--manual \ | |
--preferred-challenges dns-01 \ | |
-d $1 \ | |
--manual-public-ip-logging-ok \ | |
--register-unsafely-without-email | |
# convert into a PFX with a generated password | |
PASSWORD=$(date +%s | sha256sum | base64 | head -c 32 ; echo) | |
openssl pkcs12 -export \ | |
-in /etc/letsencrypt/live/$1/fullchain.pem \ | |
-inkey /etc/letsencrypt/live/$1/privkey.pem \ | |
-out certs/$2.pfx \ | |
-passout pass:$PASSWORD | |
echo | |
echo "################################################" | |
echo "################################################" | |
echo "PFX password is $PASSWORD" | |
echo "################################################" | |
echo "################################################" | |
# setting permissions to original user | |
chown $SUDO_USER:$SUDO_USER certs/$2.pfx |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment