...
Code Block |
---|
language | bash |
---|
title | Testing Automatic Update Command |
---|
|
user@ls:/var/www# sudo ./certbot-auto --config /etc/letsencrypt/configs/ls.datim4u.org.conf certonly --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Cert not due for renewal, but simulating renewal for dry run
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for cert.test2.ohie.org
Using the webroot path /var/www/html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Generating key (4096 bits): /etc/letsencrypt/keys/0009_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0009_csr-certbot.pem
IMPORTANT NOTES:
- The dry run was successful. |
2. Create a bash script to run when a certificate is updated, updating the certificates recorded in the OpenHIM system. Store this script under `/bin/certbot_renewal/update_OpenHIM.sh`. Ensure it is executable by running `sudo chmod +x /bin/certbotrenewal/updateOpenHIMcertbot_renewal/update_OpenHIM.sh`.
Code Block |
---|
language | bash |
---|
title | Testing Automatic Update Commandupdate_OpenHIM.sh |
---|
|
In Progress |
...
3. Create a bash script for cronjob to run.which will be run by a cronjob. Store this script under `/bin/certbot_renewal/renewal_cronjob.sh. Ensure it is executable by running `sudo chmod +x /bin/certbot_renewal/renewal_cronjob.sh`.
Code Block |
---|
language | bash |
---|
title | renewal_cronjob.sh |
---|
|
Code Block |
---|
language | bash |
---|
title | Testing Automatic Update Command |
---|
|
#!/bin/bash
## navigate to directory with ./certbot-auto
cd /path/to/certbot-auto
##
sudo ./certbot-auto --config /etc/letsencrypt/check if the certificate is expiring soon and renew it if needed
sudo ./certbot-auto --config /etc/letsencrypt/configs/cert.test2.ohie.org certonly --renew-hook "/bin/certbotrenewal/updateOpenHIMcertbot_renewal/update_OpenHIM.sh" -n
# -n ensures a noninteractive session
# --renew-hook command only fires if a certificate is renewed
exit 0 |
4. Create a cronjob to run twice a day, once at 1AM and once at 1PM. Run `crontab -e`. Inside
Code Block |
---|
language | bash |
---|
title | Setting the Cronjob |
---|
|
crontab -e
---------------
|