First commit.

Mehdi (OSX) 2023-11-22 15:20:45 +05:00
parent b1294b9490
commit c0cff94895

@ -2,12 +2,11 @@
--- ---
## Info:
- It uses certbot's docker to generate LetsEncrypt SSL certificates, and it comes with simple script to generate and renew certificate for **single domain.** - It uses certbot's docker to generate LetsEncrypt SSL certificates, and it comes with simple script to generate and renew certificate for **single domain.**
- It **does not support multiple domains**. But you can create certificate for test.com, abc.test.com, *.test.com (wildcard). - It **does not support multiple domains**. But you can create certificate for test.com, abc.test.com, *.test.com (wildcard).
---
## Info:
- This script will **create** SSL certificates based on `${new_ssl_command}`. - This script will **create** SSL certificates based on `${new_ssl_command}`.
- If the `${live_certs_dir}` and `${live_certs_dir}/cert.pem` exist then certificate is **renewed** based on `${renew_command}` - If the `${live_certs_dir}` and `${live_certs_dir}/cert.pem` exist then certificate is **renewed** based on `${renew_command}`
- Post hook is only executed: - Post hook is only executed:
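Review bot: The "does not support multiple domains" bullet contradicts itself, since it goes on to list three names (test.com, abc.test.com, *.test.com) for one certificate. Suggest wording it as "one certificate per base domain, which may cover the apex, subdomains and a wildcard". Because wildcard names can only be issued through the DNS-01 challenge, the README should also say which challenge `${new_ssl_command}` is expected to use. Separately, the visible lines show two sections both headed `## Info:`; giving the second one a distinct heading that reflects its create/renew content would make the page easier to navigate.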
@ -22,7 +21,7 @@ ## Usage:
- Set executable permission: `chmod +x generate-certs.sh` - Set executable permission: `chmod +x generate-certs.sh`
- Run: `generate-certs.sh` - Run: `generate-certs.sh`
- After the certificates are created: - After the certificates are created:
- Make sure to mount both `certs/test.com/live` and `certs/test.com/archive` directory, and use `live/*.pem` certificates in your nginx config. - Make sure to mount both `certs/live/test.com` and `certs/archive/test.com` directory, and use `live/test.com/*.pem` certificates in your nginx config.
- Because archive directory has actual files, but live directory has symlink to archive. In archive, certs are stored like this fullchain1.pem, cert1.pem and number is increased based on renewals. But live folder has direct certificates without number like cert.pem, fullchain.pem - Because archive directory has actual files, but live directory has symlink to archive. In archive, certs are stored like this fullchain1.pem, cert1.pem and number is increased based on renewals. But live folder has direct certificates without number like cert.pem, fullchain.pem
- Also use certbot nginx options file in your nginx config: https://github.com/certbot/certbot/blob/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf - Also use certbot nginx options file in your nginx config: https://github.com/certbot/certbot/blob/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf