Created
March 6, 2018 11:36
Let's Encrypt certificates
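# Generate ./auth-hook.sh, the certbot manual auth/cleanup hook that publishes
# (UPSERT) or removes (DELETE) the _acme-challenge TXT record in Route 53 for
# Let's Encrypt DNS validation.
#
# Hook usage:  auth-hook.sh <UPSERT|DELETE> <hosted-zone-name>
# Environment: CERTBOT_DOMAIN and CERTBOT_VALIDATION, which certbot sets when
#              it runs a manual hook.
#
# The AWS credentials the hook runs with can rewrite DNS for the zone, so keep
# them scoped to the Route 53 calls made below and to this one hosted zone.
# The quoted heredoc delimiter keeps every $... literal until the hook runs.
cat > ./auth-hook.sh <<'HOOK' && chmod +x ./auth-hook.sh
#!/usr/bin/env bash
set -euo pipefail

die() { printf 'auth-hook: %s\n' "$*" >&2; exit 1; }

action=${1:-}
zone=${2:-}

# Every value below is spliced into JSON or a JMESPath filter, so reject
# anything that could break out of its quoted string.
[[ "$action" == UPSERT || "$action" == DELETE ]] \
  || die "action must be UPSERT or DELETE"
[[ "$zone" =~ ^[A-Za-z0-9._-]+$ ]] \
  || die "hosted zone name is missing or malformed"
[[ "${CERTBOT_DOMAIN:-}" =~ ^[A-Za-z0-9._-]+$ ]] \
  || die "CERTBOT_DOMAIN is missing or malformed"
[[ "${CERTBOT_VALIDATION:-}" =~ ^[A-Za-z0-9_-]+$ ]] \
  || die "CERTBOT_VALIDATION is missing or malformed"

# list-hosted-zones-by-name returns zones starting at the given name, so the
# first entry can be a different zone; select on the exact name instead.
zone_id=$(aws route53 list-hosted-zones-by-name --dns-name "${zone}." \
  --query "HostedZones[?Name=='${zone}.'] | [0].Id" --output text)
[[ -n "$zone_id" && "$zone_id" != "None" ]] \
  || die "no hosted zone named ${zone}."

# A TXT value is itself a quoted string, hence the escaped inner quotes.
change_batch=$(cat <<JSON
{
  "Changes": [{
    "Action": "${action}",
    "ResourceRecordSet": {
      "Name": "_acme-challenge.${CERTBOT_DOMAIN}.",
      "ResourceRecords": [{"Value": "\"${CERTBOT_VALIDATION}\""}],
      "Type": "TXT",
      "TTL": 30
    }
  }]
}
JSON
)

change_id=$(aws route53 change-resource-record-sets \
  --hosted-zone-id "$zone_id" \
  --change-batch "$change_batch" \
  --query ChangeInfo.Id --output text)

# Return only once Route 53 reports the change as applied, so the challenge
# record is in place before certbot asks the CA to validate.
aws route53 wait resource-record-sets-changed --id "$change_id"
HOOK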
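# Order a free certificate from Let's Encrypt with the DNS challenge. certbot
# calls the auth hook (UPSERT) before validation and the cleanup hook (DELETE)
# afterwards.
domain="laravelaws.com"

# The contact address on the original page was obfuscated, so it is read from
# the environment instead of being guessed.
: "${ACME_EMAIL:?set ACME_EMAIL to the contact address for the ACME account}"

# Hooks are handed to certbot as command strings. An absolute, shell-quoted
# path keeps the hook from being resolved against whatever directory certbot
# happens to be started from later.
printf -v hook '%q' "${PWD}/auth-hook.sh"

# ./letsencrypt receives the ACME account key and the certificate private key:
# keep it out of version control and readable only by the user running certbot.
# Later certbot releases deprecated --manual-public-ip-logging-ok; drop that
# line if your certbot rejects it.
certbot certonly --non-interactive --manual \
  --manual-auth-hook "${hook} UPSERT ${domain}" \
  --manual-cleanup-hook "${hook} DELETE ${domain}" \
  --preferred-challenges dns \
  --config-dir "./letsencrypt" \
  --work-dir "./letsencrypt" \
  --logs-dir "./letsencrypt" \
  --agree-tos \
  --manual-public-ip-logging-ok \
  --domains "${domain},www.${domain}" \
  --email "${ACME_EMAIL}"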