Skip to content

Instantly share code, notes, and snippets.

@edm00se

edm00se/Blog.md Secret

Last active July 27, 2016 03:28
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save edm00se/3bc4043c19537dd3958c7af42a9618d6 to your computer and use it in GitHub Desktop.
Save edm00se/3bc4043c19537dd3958c7af42a9618d6 to your computer and use it in GitHub Desktop.
Download ZIP
On upgrading custom domain certificates (from Let's Encrypt) with Bluemix.
Raw
Blog.md

What?

Renewing HTTPS/SSL certificates, for a custom domain, on IBM Bluemix.

Case: edm00.se

Why?

90 day certificate lifecycle.

How?

asdf

Making It Easier

Being a forward-thinking developer, I recognized when I first implemented my HTTPS cert that when the renewal came around, I would need to fiddle around with the route and response value that Let's Encrypt is looking for; which seems to be generated at runtime of the letsencrypt/certbot script. Instead of hard coding the route and response values as strings, I instead opted to pull them from environment variables. This makes great sense, as Node works great with environment variables and Bluemix does a great job of making the user-defined environment variables easily maintaned through its web console.

Here's what my route definition for the Let's Encrypt query/response looks like:

app.get('/.well-known/acme-challenge/'+process.env.LETS_ENCRYPT_ROUTE,
        function(req, res){
      res.send(process.env.LETS_ENCRYPT_VERIFICATION);
    });

Refs

Raw
certbot-script.sh
# lines broken apart for readability
./certbot-auto certonly \
--manual \
--email <my.email@some.com> \
-d <my-domain-name> --agree-tos
Raw
lets-encrypt-endpoint.js
app.get('/.well-known/acme-challenge/'+process.env.LETS_ENCRYPT_ROUTE,
function(req, res){
res.send(process.env.LETS_ENCRYPT_VERIFICATION);
});
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment