crypto:letsencrypt
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
crypto:letsencrypt [2018-12-22 17:46] – created gabriel | crypto:letsencrypt [2019-10-16 13:03] (current) – updated to semi-manual process with dns-route53 gabriel | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Let's Encrypt Usage Notes ====== | ====== Let's Encrypt Usage Notes ====== | ||
+ | We're currently using Let's Encrypt to generate and manage TLS certificates for quay.net and several other domains. | ||
- | <code sh> | + | Currently |
- | certbot certonly --dns-route53 --logs-dir / | + | |
- | sudo ./certbot-auto certonly | + | <code bash> |
- | sudo ./certbot-auto certonly --dns-route53 | + | #!/bin/bash |
+ | |||
+ | # my domains | ||
+ | mapfile | ||
+ | quay.net | ||
+ | gabriel.to | ||
+ | gabrielobrien.ca | ||
+ | k538.ca | ||
+ | unx.is | ||
+ | badphoto.ca | ||
+ | badphotography.ca | ||
+ | DOMAINS | ||
+ | |||
+ | # AWS credentials | ||
+ | export AWS_ACCESS_KEY_ID=" | ||
+ | export AWS_SECRET_ACCESS_KEY=" | ||
+ | |||
+ | # generate wildcard records for each domain | ||
+ | for domain in ${domains[@]}; | ||
+ | domainlist+=" | ||
+ | done | ||
+ | |||
+ | systemctl stop nginx | ||
+ | certbot certonly --dns-route53 | ||
+ | systemctl start nginx | ||
</ | </ |
crypto/letsencrypt.1545518809.txt.gz · Last modified: 2018-12-22 17:46 by gabriel