[TOP TIP] Let's encrypt bash script!
I found a rather impressive client, fully written as a bash script, which has a very low memory footprint and runs beautifully on linode servers. I'm not the author, but I think others may find it useful, you can get it from: https://github.com/lukas2511/dehydrated
I've been using it for quite some time over the python client and I'm very happy, it is very nicely coded and has active support from the developer. Here is how I've set it up:
download under /root/letsencrypt
create the directory /etc/pki/letsencrypt
create the file /etc/pki/letsencrypt/domains.txt
add all my domains/subdomains/aliases into the domains.txt file
modify the config.sh file to point BASEDIR to /etc/pki/letsencrypt
modify the config.sh file to point CONTACT_EMAIL to an email address
modify the config.sh file to point WELLKNOWN to a publicly accessible web directory (port 80 only!)
run /root/letsencrypt/letsencrypt.sh –cron --config /root/letsencrypt/config.sh
You may then symlink the certificates from /etc/pki/letsencrypt/certs/ to /etc/pki/tls/ (certs & private)
Here is a quick cron job to make the above run once per day:
#minute (0-59)
#| hour (0-23)
#| | day of the month (1-31)
#| | | month of the year (1-12 or Jan-Dec)
#| | | | day of the week (0-6 with 0=Sun or Sun-Sat)
#| | | | | commands
#| | | | | |
4 4 * * * /root/letsencrypt/dehydrated --cron --config /root/letsencrypt/config --challenge http-01 >/dev/null
edit
The project changed its name to "Dehydrated" because "letsencrypt.sh" was too similar to the official name of Let's Encrypt. I updated the download link above, but the rest of the instructions remain the same. I also added the cron job command. Enjoy…
3 Replies
The project changed its name to "Dehydrated" because "letsencrypt.sh" was too similar to the official name of Let's Encrypt. I updated the download link above, but the rest of the instructions remain the same. I also added the cron job command. Enjoy…