- run command after cert issuance

The wiki lists several similar options, and I’d like a little guidance as to which is the best to use here. I’ve hacked together a script to deploy a cert to a FreeNAS server using the FreeNAS API. So I want to be able to issue the cert, call this script after issuance, and also have it be called any time the cert is renewed. Am I right in thinking that --reloadcmd would be the option to use here?

That seems like a reasonable choice to me.

The other options seem to be --post-hook, --renew-hook or --deploy-hook. Apparently --post-hook runs whether the certificate was successfully issued or not; --renew-hook seems not to run after the initial issuance, only after renewal[*]; and --deploy-hook seems to expect a shell function rather than a generic command. So despite the name I think you’re correct in thinking --reloadcmd is the best option to use.

[*] based on reading the source rather than testing, so I may be wrong about that, but that’s also how certbot’s hook of the same name behaves.

Yeah, I was a little hesitant due to the name, but the docs made it sound like it would be the most relevant. Thanks.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.