[kwlug-disc] Automatic renewal of wildcard certs
Mikalai Birukou
mb at 3nsoft.com
Wed Feb 27 16:44:21 EST 2019
Take a look at a script create-haproxy-with-certbot.sh in
https://kwlug.org/sites/default/files/2018-12/Mikalai-Modern_treasures_LXD-scripts-KWLUG-Dec2018.zip
(resource from KWLUG past talk).
Bash script sets certbot with for webroot option of serving acme via
haproxy (q1). In haproxy.cfg you add a respective backend for
.../acme... paths.
You run getting certs first time manually, and it will remember what
needs to be renewed, and how.
Script has post- and post-renewal hooks (q2). Pre-hook starts nginx that
handles actual acme get requests.
This works and does renewal in production. Yes, certbot set cron jobs in
ubuntu 18.
Cheers.
On 2019-02-27 2:34 p.m., Yas Adem wrote:
> Thanks for response Paul. Using letsencrypt.
>
> Regards
> Yasin
>
> On Wed, Feb 27, 2019, 2:18 PM Paul Nijjar via kwlug-disc,
> <kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>> wrote:
>
>
> I do not have such experience, but just to clarify: is this with Let's
> Encrypt, or are you using another certificate authority?
>
> - Paul
>
> On Wed, Feb 27, 2019 at 10:11:56AM -0500, Yas Adem wrote:
> > Hi Everyone,
> >
> > First time posting question in kwlug group. Wondering if anyone
> have any
> > experience enabling automatic renewal of wildcard certificate?
> Your help
> > much appreciated.
> >
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org <mailto:kwlug-disc at kwlug.org>
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
--
Mikalai Birukou
CEO | 3NSoft Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20190227/70e08d66/attachment.htm>
More information about the kwlug-disc
mailing list