Sometimes you just need a valid TLS certificate, even in environments where you cannot access TCP ports 80 and/or 443 to obtain certificates via automatic challenges like http-01 or TLS-ALPN-01. Sometimes you just want to download it fast and manually copy it to the final server, without any requirement for automatic renewal.
And here you are 🚀
This shell script provides a Docker-based command for manually creating a TLS certificate with Let's Encrypt using the DNS-01 challenge.
This project is based on Certbot and accepts the required arguments, like notification E-Mail, DNS name and provider stage from the command line.
- Working Docker environment.
- Access to a Domain Name Service provider
- Access to a bash, sh or whatever shell terminal
- Clone the repository or simply copy the content of `create-cert.sh` into a new shell script file (this new script file might need execution permissions, see `chmod +x`)
- Run the shell script and add the required arguments:
| argument | description |
|---|---|
| e | E-Mail address to which Let's Encrypt will send expiry notifications |
| d | DNS name to use in the certificate |
| p | If given it will use "Production Environment" certificate issuer. Otherwise "Staging Environment" |
Please have a look at the Staging Environment documentation of Let's Encrypt for further details.
Example:
```
./create-cert.sh -e [email protected] -d mydomain.example.com -p
```
- Follow the instructions on the command line. You will need to manually create a TXT record with a given subdomain and a specific value in your DNS settings for the provided domain.
- A new folder certs will be created, containing the certificate (see subfolder live) and all account settings.
- Leave a ⭐️ if you like the project :)
- Have a coffee... ☕️
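
Before confirming in Certbot that the TXT record is in place, it helps to check that the record is actually visible from a public resolver. The script below is an added example, not part of this project: it assumes `dig` is installed, uses `1.1.1.1` as a default resolver, and the file name `check-txt.sh` is hypothetical.

```shell
#!/bin/sh
# Added example (not part of create-cert.sh): verify the DNS-01 TXT record.

# Name of the challenge record for a certificate name (RFC 8555, section 8.4).
# A wildcard name such as *.example.com is validated at the base domain.
challenge_name() {
  cn_domain="${1#\*.}"
  printf '_acme-challenge.%s\n' "${cn_domain%.}"
}

# Read `dig +short TXT` output on stdin; succeed if any record equals $1.
# dig prints each record as one or more quoted strings, so a value split
# into several strings ("abc" "def") is joined again before comparing.
txt_contains() {
  tc_expected="$1"
  while IFS= read -r tc_line || [ -n "$tc_line" ]; do
    tc_value="$(printf '%s' "$tc_line" |
      sed -e 's/" "//g' -e 's/^"//' -e 's/"$//')"
    [ "$tc_value" = "$tc_expected" ] && return 0
  done
  return 1
}

# Query one resolver (default 1.1.1.1 is an assumption) and report the result.
check_challenge() {
  cc_name="$(challenge_name "$1")"
  cc_resolver="${3:-1.1.1.1}"
  if dig +short TXT "$cc_name" "@$cc_resolver" | txt_contains "$2"; then
    echo "OK: $cc_name is published on $cc_resolver"
  else
    echo "WAIT: $cc_name lacks the expected value on $cc_resolver" >&2
    return 1
  fi
}

# Usage: ./check-txt.sh mydomain.example.com <value shown by Certbot> [resolver]
if [ "$#" -ge 2 ]; then
  check_challenge "$@"
fi
```

A `WAIT` result usually means the record has not propagated yet; repeat the check before continuing in Certbot, since a failed validation requires starting the request again.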
