Instantly share code, notes, and snippets.

Embed
What would you like to do?
Upgrade ECDSA Let's Encrypt on my Docker
#! /bin/bash
domain=your-domain.com
mail=you@your-domain.com
apt-get update; apt-get install git openssl
cd /srv
git clone https://github.com/letsencrypt/letsencrypt ; cd letsencrypt
mkdir -p live-ecdsa/$domain/lemp
cd live-ecdsa/$domain/
openssl ecparam -genkey -name secp384r1 > privkey-p384.pem
openssl req -new -sha256 -key privkey-p384.pem -subj "/CN=$domain" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:$domain")) -outform der -out >
cd lemp/
/srv/letsencrypt/letsencrypt-auto certonly -a webroot --email $mail --webroot-path /var/www/html/ --csr /srv/letsencrypt/live-ecdsa/$domain/csr-p384.der --renew-by-default --agree-tos
cat 0001* > /srv/letsencrypt/live-ecdsa/$domain/chain.pem
cd /etc/letsencrypt
mv live-ecdsa/ live-backup/
cp -r /srv/letsencrypt/live-ecdsa .
rm /srv/letsencrypt -r
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment