Let's Encrypt Usage Notes

We're currently using Let's Encrypt to generate and manage TLS certificates for and several other domains.

Currently is hosted on Amazon's EC2 and uses the AWS Route 53 service for public DNS on the Internet. We can use the certbot dns-route53 plugin with Debian 10 to manage authentication using the following script.

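#!/bin/bash
# my domains, one per line (example.com is a placeholder; the original list is not shown on this page)
mapfile -t domains <<-DOMAINS
example.com
DOMAINS
# AWS credentials (placeholders; the script holds a secret, so keep it readable by root only)
export AWS_ACCESS_KEY_ID="my key id"
export AWS_SECRET_ACCESS_KEY="my secret"
# generate wildcard records for each domain
# (an array keeps "*.domain" from being glob-expanded by the shell)
domainlist=()
for domain in "${domains[@]}"; do
  domainlist+=(-d "$domain" -d "*.${domain}")
done
# nginx is stopped while certbot runs and started again afterwards
systemctl stop nginx
certbot certonly --dns-route53 "${domainlist[@]}"
systemctl start nginx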
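
The access key exported in the script only needs to edit the ACME challenge TXT records in Route 53, so the IAM user behind it can be limited to that. The policy below is an added example, not part of the original notes: YOURHOSTEDZONEID and example.com are placeholders, and the Condition block assumes the only record certbot has to change for a domain and its wildcard is the _acme-challenge TXT record.

```json
{
  "Version": "2012-10-17",
  "Id": "added-example-certbot-dns-route53-least-privilege",
  "Statement": [
    {
      "Sid": "FindZoneAndPollChange",
      "Effect": "Allow",
      "Action": [
        "route53:ListHostedZones",
        "route53:GetChange"
      ],
      "Resource": "*"
    },
    {
      "Sid": "EditOnlyAcmeChallengeTxt",
      "Effect": "Allow",
      "Action": "route53:ChangeResourceRecordSets",
      "Resource": "arn:aws:route53:::hostedzone/YOURHOSTEDZONEID",
      "Condition": {
        "ForAllValues:StringEquals": {
          "route53:ChangeResourceRecordSetsNormalizedRecordNames": [
            "_acme-challenge.example.com"
          ],
          "route53:ChangeResourceRecordSetsRecordTypes": [
            "TXT"
          ]
        }
      }
    }
  ]
}
```

Add one hosted zone ARN and one _acme-challenge name per domain in the list. With this policy a leaked key can no longer repoint A, MX or NS records in the zone.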
crypto/letsencrypt.txt · Last modified: 2019-10-16 13:03 by gabriel