NodeBalancer Auto-Renew SSL Lets Encrypt?
I'm curious why the ability to create an auto-renewing Lets Encrypt SSL certificate on a Node Balancer doesn't exist yet?
This seems like it would be a relatively easy and powerful win for Linode.
Is there any place to make this a feature request?
3 Replies
CassandraD
Linode Staff
I have passed along this feature request on your behalf, but you can always submit feedback using this form if you have other requests in the future.
While I hope we can roll out a more direct way to do this or create a custom guide in the future, I did find some third-party resources that can help you with this, though I haven't tested them:
GitHub - Let's Encrypt Linode - A user has created this Docker container to help with using Let's Encrypt with NodeBalancers.
Let’s Encrypt HTTPS + Linode NodeBalancer - This source is a bit old, so you may need to update some commands using our Certbot Guides.
I created an implementation using DNS-01, this doesn't require proxying to the Linode as defined in the "GitHub - Let's Encrypt Linode" link and it's basically just a script that needs to be run on a nanode.
Here's the link if anyone is looking for this in the future
Setting linode-cli
$ linode-cli configureFind nodeBalancerId
$ linode-cli nodebalancers list
id label
12345 myNBFind configId of nodeBalancerId
$ linode-cli nodebalancers configs-list 12345
id port protocol
4567 443 httpsUpdate certificate of NodeBalancer
$ linode-cli nodebalancers config-update 12345 4567 --ssl_cert /etc/letsencrypt/live/{your_domain}/fullchain.pem --ssl_key /etc/letsencrypt/live/{your_domain}/privkey.pemEdit crontab to update NodeBalancer after renew Let's Encrypt certifiate
I have written a note in Chinese here:
[Linode] NodeBalancer 使用 Let's Encrypt SSL憑証