You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Brie Bruns 659009c97a
Update 'README.md'
10 months ago
certs Switched cert for ISRG Root X1 to cross signed to fix issues with passing checks 1 year ago
cron Permissions 7 years ago
CHANGELOG Updates to gen-cert.sh to make it more foolproof. 7 years ago
LICENSE Add license 7 years ago
README.md Update 'README.md' 10 months ago
apache-le-alias.conf Initial import 7 years ago
apache-le-proxy.conf Initial import 7 years ago
gen-cert.sh no message 3 years ago
gen-unifi-cert.sh Extra quotes... 1 year ago
get-letsencrypt.sh Fixing a few things... 7 years ago
nginx-le-root.conf Added nginx config 7 years ago

README.md

Lets Encrypt Scripts

Public Git URL: https://git.sosdg.org/brielle/lets-encrypt-scripts

By: Brielle Bruns bruns@2mbit.com

These are various scripts to make LetsEncrypt easier to use.

Files

Main Scripts

gen-cert.sh - Main script to make it easy to generate LE certs for domain(s)

gen-unifi-cert.sh - Script to add LE cert to a Unifi controller

Support Files

DSTROOTCAX3.txt - Root CA cert for use with the gen-unifi-cert.sh script (now optional and unneeded as the cert is embedded)

apache-le-alias.conf - Use with apache for LE well-known alias config

apache-le-proxy.conf - Use with apache for LE well-known proxy config

How To Use

gen-cert.sh

  1. Do initial cert generation (if using webroot, see script contents for more methods of authentication):

     gen-cert.sh -e email@address.com -d somedomain.com -d otherdomain.com -r /var/www/letsencrypt-root/
    
  2. Copy cron/renew-ssl-weekly.sh to /etc/cron.weekly, edit as appropriate

  3. Run:

     chmod 750 /etc/cron.weekly/renew-ssl-weekly.sh  
    
  4. Script will now run weekly and renew the certificate if necessary ( < 30 days remain). Don't forget to add any necessary file copies/symlinks/service restarts as needed once the scripts are updated.

gen-unifi-cert.sh

  1. Do initial cert generation:

     gen-unifi-cert.sh -e email@address.com -d unifi.somedomain.com -d unifi.someotherdomain.com
    
  2. Put in /etc/cron.weekly/renew-unifi-ssl if everything works okay:

     /path/to/script/gen-unifi-cert.sh -r -d unifi.somedomain.com -d unifi.someotherdomain.com
    
  3. Script will now run weekly and renew the certificate if necessary ( < 30 days remain) and restart unifi only if cert has been renewed.