Coder Social home page Coder Social logo

certbot-heroku-renewal's Introduction

Certbot & Heroku SSL Renewal Script

A shell script to automate the renewal of Certbot SSL certificates and their deployment to Heroku SSL.

Usage

sudo ./renew.sh DOMAIN HEROKU_APP_NAME

  • DOMAIN - the main domain name of the website you wish to renew. Can be found under /etc/letsencrypt/live
  • HEROKU_APP_NAME the name of the Heroku app against which the SSL certificates will be updated

e.g. sudo ./renew.sh foobar.co.uk foo-bar-app

Due to the opinionated directory permissions required by Certbot, this script must be run as root.

Conditionally Toggling The ACME Challenge Endpoint

The Heroku app against which I call this script has an ACME Challenge endpoint that can be toggled with an environment variable. This is commented out to demonstrate how this can be configured via the Heroku CLI.

certbot-heroku-renewal's People

Contributors

jamesseanwright avatar

Stargazers

avatar avatar

Watchers

avatar avatar avatar

Forkers

jelko prettyinstant

certbot-heroku-renewal's Issues

broken: renew requesting ACME-challenge with certbot 0.10.0

Automatic renews don't work for me anymore. certbot is apparently requesting a new ACME response.

I receive this issue when running renew.sh:

Attempting to renew cert from /etc/letsencrypt/renewal/XXX.conf produced an unexpected error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',). Skipping.

Regarding the issue about this it is now possible to include a hook into the manual auth process.

Quoting:

manual:
  Authenticate through manual configuration or custom shell scripts. When
  using shell scripts, an authenticator script must be provided. The
  environment variables available to this script are $CERTBOT_DOMAIN which
  contains the domain being authenticated, $CERTBOT_VALIDATION which is the
  validation string, and $CERTBOT_TOKEN which is the filename of the
  resource requested when performing an HTTP-01 challenge. An additional
  cleanup script can also be provided and can use the additional variable
  $CERTBOT_AUTH_OUTPUT which contains the stdout output from the auth
  script.

  --manual-auth-hook MANUAL_AUTH_HOOK
                        Path or command to execute for the authentication
                        script (default: None)
  --manual-cleanup-hook MANUAL_CLEANUP_HOOK
                        Path or command to execute for the cleanup script
                        (default: None)
  --manual-public-ip-logging-ok
                        Automatically allows public IP logging (default: Ask)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.