Wildcard certificate with updates over API
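# Work in a private scratch directory: /var/tmp is world-writable, so another
# local user could pre-place a file there that matches the
# lego_v*_linux_amd64.tar.gz glob used below.
workdir=$(mktemp -d) && cd "$workdir"
# Ask the GitHub API for the latest release and download its linux_amd64 asset.
curl -Ls https://api.github.com/repos/go-acme/lego/releases/latest | \
grep browser_download_url | grep linux_amd64 | cut -d '"' -f 4 | \
wget -i -
# The binary will run as root and handle the DNS API key, so print the
# archive's SHA-256 and compare it with the checksum list published alongside
# the release assets before unpacking.
sha256sum lego_v*_linux_amd64.tar.gz
# Unpack only the lego binary and install it root-owned and not writable by
# group or others.
tar xf lego_v*_linux_amd64.tar.gz lego
install -o root -g root -m 0755 lego /usr/local/sbin/lego
lego -v
# Remove the scratch directory; ${workdir:?} aborts if the variable is empty.
cd / && rm -rf -- "${workdir:?}"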
- Enabling the DNS API at the service provider (setting up the access control list, ACL)
- Creating a script for a certificate request
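# The script will contain the DNS API key. Create it under a restrictive umask
# so the new file is never readable by other local users, not even between
# saving it and fixing its permissions.
( umask 077; nano -w /usr/local/sbin/get-cert.sh )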
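#!/bin/sh
# Requests the first certificate for somedomain.name and its wildcard with
# lego, using the vultr DNS provider.
#
# This file stores the DNS API key in clear text: keep it owned by root and
# unreadable by group and others (mode 0700).
export VULTR_API_KEY=xxxAPI_KEYxxx
# Provider tuning values exported for lego (timeouts, polling interval, TTL).
export VULTR_HTTP_TIMEOUT=60
export VULTR_POLLING_INTERVAL=60
export VULTR_PROPAGATION_TIMEOUT=300
export VULTR_TTL=300
# The wildcard name is quoted so the shell hands it to lego literally instead
# of expanding it against file names in the current directory.
lego --dns vultr \
  --domains '*.somedomain.name' \
  --domains somedomain.name \
  --email null@somedomain.name \
  --path="/etc/letsencrypt/somedomain.name" \
  --accept-tos run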
- Setting up permissions and executing
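# The script contains the API key, so make it readable and executable by its
# owner only; a plain "chmod +x" on a 0644 file leaves it world-readable.
chmod 700 /usr/local/sbin/get-cert.sh
get-cert.sh
# List what lego wrote. This directory holds key material, so check that
# nothing in it is accessible to other users.
ls -alrt /etc/letsencrypt/somedomain.name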
- Creating a script for a certificate update
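# The script will contain the DNS API key. Create it under a restrictive umask
# so the new file is never readable by other local users, not even between
# saving it and fixing its permissions.
( umask 077; nano -w /usr/local/sbin/renew-cert.sh )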
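#!/bin/sh
# Renews the certificate for somedomain.name and its wildcard with lego, using
# the vultr DNS provider. Intended to be run from root's crontab.
#
# This file stores the DNS API key in clear text: keep it owned by root and
# unreadable by group and others (mode 0700).
export VULTR_API_KEY=xxxAPI_KEYxxx
# Provider tuning values exported for lego (timeouts, polling interval, TTL).
export VULTR_HTTP_TIMEOUT=60
export VULTR_POLLING_INTERVAL=60
export VULTR_PROPAGATION_TIMEOUT=300
export VULTR_TTL=300
# The wildcard name is quoted so the shell hands it to lego literally instead
# of expanding it against file names in the current directory.
lego --dns vultr \
  --domains '*.somedomain.name' \
  --domains somedomain.name \
  --email null@somedomain.name \
  --path="/etc/letsencrypt/somedomain.name" \
  --accept-tos renew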
- Setting up permissions and checking
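# The script contains the API key, so make it readable and executable by its
# owner only; a plain "chmod +x" on a 0644 file leaves it world-readable.
chmod 700 /usr/local/sbin/renew-cert.sh
renew-cert.sh
crontab -u root -e
# Crontab entry (Mondays at 06:05). Output is sent to syslog under the tag
# "renew-cert" instead of being discarded, so a failed renewal is recorded
# and can be alerted on before the certificate expires.
5 6 * * 1 /usr/local/sbin/renew-cert.sh 2>&1 | logger -t renew-cert
crontab -u root -l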