Certbot

Aus Carl-Christian Sautter - Wiki
Wechseln zu: Navigation, Suche

Zertifikat anfordern

Hauptdomain und Subdomain

#!/bin/bash

domain="domain.com"

certbot certonly --webroot -w /var/www/$domain/web -d $domain -d www.$domain

cd /var/www/$domain/ssl/
mv $domain.bundle $domain.bundle.back
mv $domain.crt $domain.crt.back
mv $domain.csr $domain.csr.back
mv $domain.key $domain.key.back
ln -s /etc/letsencrypt/live/$domain/cert.pem $domain.crt
ln -s /etc/letsencrypt/live/$domain/privkey.pem $domain.key
ln -s /etc/letsencrypt/live/$domain/fullchain.pem $domain.bundle

service apache2 reload

Nur Subdomain

#!/bin/bash

domain="sub.domain.de"

certbot certonly --webroot -w /var/www/$domain/web -d $domain

cd /var/www/$domain/ssl/
mv $domain.bundle $domain.bundle.back
mv $domain.crt $domain.crt.back
mv $domain.csr $domain.csr.back
mv $domain.key $domain.key.back
ln -s /etc/letsencrypt/live/$domain/cert.pem $domain.crt
ln -s /etc/letsencrypt/live/$domain/privkey.pem $domain.key
ln -s /etc/letsencrypt/live/$domain/fullchain.pem $domain.bundle

service apache2 reload

Crontab

3 6 * * 0 certbot renew --post-hook "service apache2 reload"