NodeBalancer Auto-Renew SSL Lets Encrypt?

I'm curious why the ability to create an auto-renewing Lets Encrypt SSL certificate on a Node Balancer doesn't exist yet?

This seems like it would be a relatively easy and powerful win for Linode.

Is there any place to make this a feature request?

3 Replies

I have passed along this feature request on your behalf, but you can always submit feedback using this form if you have other requests in the future.

While I hope we can roll out a more direct way to do this or create a custom guide in the future, I did find some third-party resources that can help you with this, though I haven't tested them:

I created an implementation using DNS-01, this doesn't require proxying to the Linode as defined in the "GitHub - Let's Encrypt Linode" link and it's basically just a script that needs to be run on a nanode.

Here's the link if anyone is looking for this in the future

https://github.com/benlabbeus/nodebalancer-ssl

  1. Install linode-cli

  2. Generate Access Token

  3. Setting linode-cli
    $ linode-cli configure

  4. Find nodeBalancerId
    $ linode-cli nodebalancers list
    id label
    12345 myNB

  5. Find configId of nodeBalancerId
    $ linode-cli nodebalancers configs-list 12345
    id port protocol
    4567 443 https

  6. Update certificate of NodeBalancer
    $ linode-cli nodebalancers config-update 12345 4567 --ssl_cert /etc/letsencrypt/live/{your_domain}/fullchain.pem --ssl_key /etc/letsencrypt/live/{your_domain}/privkey.pem

  7. Edit crontab to update NodeBalancer after renew Let's Encrypt certifiate

I have written a note in Chinese here:
[Linode] NodeBalancer 使用 Let's Encrypt SSL憑証

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct