Created
January 22, 2018 10:35
-
-
Save willpower232/e91e88e7d55bee364846f2d14eacc3df to your computer and use it in GitHub Desktop.
Certbot with DNS verification and AWS route53 plugin
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# run these first to install certbot globally with the route53 plugin | |
# $ sudo apt install python-setuptools | |
# $ sudo easy_install pip | |
# $ sudo -H pip install certbot-dns-route53 | |
# verify the route53 plugin is present | |
# $ certbot plugins | |
# now create some credentials from AWS and copy here | |
# - https://github.com/certbot/certbot/tree/master/certbot-dns-route53 | |
# - https://github.com/certbot/certbot/blob/master/certbot-dns-route53/examples/sample-aws-policy.json | |
export AWS_ACCESS_KEY_ID="accesskeyhere" | |
export AWS_SECRET_ACCESS_KEY="secretkeyhere" | |
certbot certonly -n --agree-tos --email you@example.com --dns-route53 -d whatever.example.com -d whatever2.example.co.uk | |
# if you have used root keys, delete script from server and keys from AWS now |
Some commands for upgrades
sudo pip install --upgrade pip
pip list
sudo -H pip install certbot certbot-dns-route53 --upgrade
don't forget to use pip3
and if you're updating, you should also pip3 install requests --upgrade
apparently
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Don't forget that webroot is still a valid way of doing things
certbot certonly --webroot --webroot-path /org/websites/user/example.com/www/public_html/ -d example.com -d www.example.com
and that the order of the certificates will be used for the directory so leave www. to the end 😉