Created
December 31, 2020 02:22
-
-
Save kraftboy/38a7cbc984c6d404181125fa90dca5eb to your computer and use it in GitHub Desktop.
wsl bash script to renew let's encrypt cert, create pfx, import to windows certstore and register with netsh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# sudo certbot renew | |
if [ `id -u` -ne 0 ] | |
then echo "pls run as sudo .." | |
exit | |
fi | |
echo "If certbot fails, you may need to enable port forwarding on port 80 ..." | |
sudo certbot certonly --standalone -d example.com | |
today=`date +%Y-%m-%d` | |
domain="example.com" | |
mv /certs/$domain.pfx /certs/old/example.com.$today | |
privkey=/etc/letsencrypt/live/$domain/privkey.pem | |
cert=/etc/letsencrypt/live/$domain/cert.pem | |
chain=/etc/letsencrypt/live/$domain/chain.pem | |
openssl pkcs12 -export -out /certs/$domain.pfx -inkey $privkey -in $cert -certfile $chain -password pass: | |
cp /certs/example.com.pfx /wherever/example.com.pfx | |
echo "Importing certificate to windows cert store ..." | |
/mnt/c/Windows/SysWOW64/cmd.exe /c CERTUTIL -f -importpfx "c:\wherever\example.com.pfx" | |
thumbprint=`/mnt/c/WINDOWS/System32/WindowsPowerShell/v1.0/powershell.exe "(Get-PfxData -FilePath \"c:\wherever\example.com.pfx\").EndEntityCertificates.Thumbprint"` | |
echo "Cert thumbprint: " $thumbprint | |
echo "http rem/add sslcert ..." | |
# rereg sslcert | |
/mnt/c/Windows/SysWOW64/cmd.exe /c netsh http del sslcert ipport=0.0.0.0:xxxx | |
/mnt/c/Windows/SysWOW64/cmd.exe /c netsh http add sslcert ipport=0.0.0.0:xxxx certhash=$thumbprint appid={replace-me-with-guid} | |
echo "Done" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment