Last active
November 2, 2021 09:26
Use acme.sh with letsencrypt and AWS Route 53 on a Zentyal server
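#!/bin/bash
#
# Install acme.sh on a Zentyal server, issue a Let's Encrypt certificate for
# HOST_FQDN via the AWS Route 53 DNS hook (dns_aws), and install it for the
# Zentyal web admin.
#
# Run this on your Zentyal server from an ssh session as root.
#
set -euo pipefail

# Inject your AWS credentials here, or export them in the environment before
# running so the secret never has to be written into this file.
# acme.sh keeps the dns_aws credentials in its account configuration for
# renewals, so use an IAM identity restricted to the Route 53 hosted zone of
# HOST_FQDN rather than a broadly privileged key.
export AWS_ACCESS_KEY_ID="${AWS_ACCESS_KEY_ID:-}"
export AWS_SECRET_ACCESS_KEY="${AWS_SECRET_ACCESS_KEY:-}"
export HOST_FQDN="${HOST_FQDN:-my.domain.com}"
export ACCOUNT_EMAIL="${ACCOUNT_EMAIL:-your@email.co}"

# Stop before touching the system if the credentials were left empty.
: "${AWS_ACCESS_KEY_ID:?AWS_ACCESS_KEY_ID must be set}"
: "${AWS_SECRET_ACCESS_KEY:?AWS_SECRET_ACCESS_KEY must be set}"

# The paths below are root's; refuse to run as anyone else.
if [[ "${EUID}" -ne 0 ]]; then
  printf 'This script must be run as root.\n' >&2
  exit 1
fi

# Location acme.sh installs itself to when run as root.
readonly ACME_HOME="/root/.acme.sh"
readonly ACME="${ACME_HOME}/acme.sh"

apt-get install -y git socat

# Clone into a private, unpredictable directory instead of /tmp/acme.sh:
# a fixed name in a world-writable directory can be pre-created by another
# local user, and this script runs the cloned code as root.
workdir="$(mktemp -d)"
trap 'rm -rf -- "${workdir:?}"' EXIT

# NOTE(review): this installs whatever the default branch holds at clone
# time; consider checking out a release tag you have reviewed before running
# the installer.
git clone https://github.com/acmesh-official/acme.sh.git "${workdir}/acme.sh"
cd "${workdir}/acme.sh"
./acme.sh --install --accountemail "${ACCOUNT_EMAIL}"

# The installer adds an `acme.sh` alias that only exists in new login shells.
# Calling the installed script by its full path avoids having to restart the
# root shell at this point.

# Set the default CA to letsencrypt
"${ACME}" --set-default-ca --server letsencrypt

# --force re-issues on every run and counts against the CA's rate limits;
# drop it once the first certificate has been issued.
# NOTE(review): --ocsp-must-staple makes clients that honour the extension
# reject the certificate unless the web server staples a valid OCSP response,
# and it depends on the CA still offering OCSP. Confirm both before keeping it.
"${ACME}" --issue -d "${HOST_FQDN}" --dns dns_aws --ocsp-must-staple --keylength 4096 --force --log

# ssl.pem ends up holding the private key. A file created by the redirection
# gets its mode from the umask, so verify its owner and mode afterwards.
# NOTE(review): ${HOST_FQDN}.cer is the leaf certificate only; confirm whether
# the web admin needs the full chain instead.
cert_dir="${ACME_HOME}/${HOST_FQDN}"
"${ACME}" --install-cert -d "${HOST_FQDN}" \
  --reloadcmd "cat ${cert_dir}/${HOST_FQDN}.cer ${cert_dir}/${HOST_FQDN}.key > /var/lib/zentyal/conf/ssl/ssl.pem && systemctl restart zentyal.webadmin-nginx.service"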