
Certbot Automatic Certificate Renewal #210

@morganney


Currently I am using the manual certification process with certbot:

sudo certbot certonly --manual --preferred-challenges dns -d busmap.online -d try.busmap.online

I forget the exact reasons why I am doing it this way (most certainly because other methods weren't working).

This method has two shortcomings:

  • Requires deploying a DNS TXT record for each registered domain.
  • Prevents automatic renewal, for the following reason:
    • This certificate will not be renewed automatically. Autorenewal of --manual certificates requires the use of an authentication hook script (--manual-auth-hook) but one was not provided. To renew this certificate, repeat this same certbot command before the certificate's expiry date.

Look into the --manual-auth-hook option and see what that entails. Most likely requires a script that sets up the necessary DNS TXT challenges. That, or find a way to support automatic renewal with certbot on the EC2 instance.
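A sketch of the kind of auth hook the issue describes, added here as an example and not part of the original issue or the project's code. It assumes the DNS zone is hosted in Route 53 and the AWS CLI is available on the instance; `HOSTED_ZONE_ID`, `challenge_name`, `valid_input` and `change_batch` are hypothetical names chosen for illustration.

```shell
#!/bin/sh
# Added example: a certbot --manual-auth-hook for the DNS-01 challenge.
# certbot exports CERTBOT_DOMAIN and CERTBOT_VALIDATION before running the hook.
# Assumptions: Route 53 hosts the zone; HOSTED_ZONE_ID comes from the environment
# (placeholder default below). Run it with credentials limited to
# route53:ChangeResourceRecordSets and route53:GetChange on that one zone.
HOSTED_ZONE_ID="${HOSTED_ZONE_ID:-ZONE_ID_PLACEHOLDER}"
TTL=60

# Fully qualified name of the TXT record the CA queries for a domain.
challenge_name() {
  printf '_acme-challenge.%s.' "$1"
}

# Accept only hostname characters and base64url token characters, so that
# nothing passed to the hook can break out of the JSON document built below.
valid_input() {
  case "$1" in ''|*[!A-Za-z0-9.-]*) return 1 ;; esac
  case "$2" in ''|*[!A-Za-z0-9_-]*) return 1 ;; esac
  return 0
}

# Build the Route 53 change batch that publishes the challenge value.
# TXT values must carry their own double quotes inside the JSON string.
change_batch() {
  valid_input "$1" "$2" || return 1
  printf '{"Changes":[{"Action":"UPSERT","ResourceRecordSet":{"Name":"%s","Type":"TXT","TTL":%d,"ResourceRecords":[{"Value":"\\"%s\\""}]}}]}' \
    "$(challenge_name "$1")" "$TTL" "$2"
}

# Only act when certbot invoked us; sourcing the file has no side effects.
if [ -n "${CERTBOT_DOMAIN:-}" ]; then
  batch=$(change_batch "$CERTBOT_DOMAIN" "${CERTBOT_VALIDATION:-}") || {
    echo "auth hook: rejecting unexpected domain or validation value" >&2
    exit 1
  }
  change_id=$(aws route53 change-resource-record-sets \
    --hosted-zone-id "$HOSTED_ZONE_ID" --change-batch "$batch" \
    --query 'ChangeInfo.Id' --output text) || exit 1
  # Block until Route 53 reports the change as applied, so the CA's lookup
  # does not race the record's propagation.
  aws route53 wait resource-record-sets-changed --id "$change_id"
fi
```

certbot runs the hook once per domain, so the two names in the command above each get their own `_acme-challenge` record. A matching `--manual-cleanup-hook` would submit the same batch with a `DELETE` action once validation finishes.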


    Labels

    • cd: Related to deployment automation.
    • enhancement: New feature or request
    • web: Related to the web package and nginx changes.
