Python script to install SSL certificate from Let's Encrypt into Cpanel for a single domain.

cpanel_ssl_install.py

#!/usr/bin/env python2.7

'''This script will install an SSL certificate into Cpanel
for a single domain.  In my case, the certificate is from
Let's Encrypt via 'acme.sh'.  The script expects the certificate
to be stored in the manner described at
http://east.fm/posts/acme-cpanel-a2hosting

This script requires a single argument: the domain name.

If the script is located in $HOME/bin, this is how it would
be used to install a LE cert obtained using acme.sh:

$ acme.sh --install-cert -d east.fm \
          --certpath $HOME/LE_certs/cert.pem \
          --keypath  $HOME/LE_certs/key.pem \
          --capath   $HOME/LE_certs/ca.cer \
          --fullchainpath $CDIR/fullchain.crt \
          --reloadcmd "$HOME/bin/cpanel_ssl_install.py east.fm"

N.B.: The 'uapi' 'install_ssl' command, which this script calls,
restarts httpd.

This is a single-use script and has zero error checking.

'''


import os
import subprocess
import sys

domain = sys.argv[1]

# Must match location/names used with 'acme.sh --install-cert'.
certs_dir = os.path.join(os.environ['HOME'], 'LE_certs')
cert = os.path.join(certs_dir, 'cert.pem')
key  = os.path.join(certs_dir, 'key.pem')
cabundle = os.path.join(certs_dir, 'ca.cer')

# https://documentation.cpanel.net/display/SDK/UAPI+Functions+-+SSL%3A%3Ainstall_ssl
output = subprocess.Popen([
	"uapi",
	"SSL",
	"install_ssl",
	"domain=%s" % domain,
	"cert=%s" % open(cert, 'rb').read(),
	"key=%s"  % open(key,  'rb').read(),
	"cabundle=%s" % open(cabundle, 'rb').read(),
    ],
    stdout=subprocess.PIPE).communicate()

print output