Created
October 8, 2020 17:32
-
-
Save dfar-io/95dbbdac3ff739a4a8f54f382da4b5f2 to your computer and use it in GitHub Desktop.
Creates a Let's Encrypt Cert using TXT record verification and converts to PFX
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Creates a PFX certificate using CertBot | |
# | |
# TODO: Use hooks to implement automation via GoDaddy | |
# https://certbot.eff.org/docs/using.html#hooks | |
# exit when any command fails | |
set -e | |
if [ "$1" == "" ] || [ "$2" = "" ] | |
then | |
echo "Usage: cert.sh <domain> <output_filename>" | |
exit 1 | |
fi | |
certbot --text --agree-tos certonly \ | |
--manual \ | |
--preferred-challenges dns-01 \ | |
-d $1 \ | |
--manual-public-ip-logging-ok | |
# convert into a PFX with a generated password | |
PASSWORD=$(date +%s | sha256sum | base64 | head -c 32 ; echo) | |
openssl pkcs12 -export \ | |
-in /etc/letsencrypt/live/$1/fullchain.pem \ | |
-inkey /etc/letsencrypt/live/$1/privkey.pem \ | |
-out $2.pfx \ | |
-passout pass:$PASSWORD | |
echo | |
echo "################################################" | |
echo "################################################" | |
echo "PFX password is $PASSWORD" | |
echo "################################################" | |
echo "################################################" | |
# setting permissions to original user | |
chown $SUDO_USER:$SUDO_USER $2.pfx |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment