I am having multiple issues when trying to obtain a cert and automatize. So my question is:
The first step is to obtain the cert. I only manage to get it working like this: ./letsencrypt-auto certonly --webroot -w /var/www/.../action -d example.org -d www.example.org
All other methods fail on me. Whatever. No problem. I have my cert.
The next step is to manually configure the VirtualHost. No problem. I can do this to crank things up initially.
The third step is to automatize the renewal. Things like
./letsencrypt-auto certonly --apache --renew-by-default -d example.org -d www.example.org
fail on me so I again only got this working successfully:
In case I add this to a cronjob. Do I still have to do work manually on every renewal or does it just replace the old certs with the new ones. I am not sure how the server gets the new cert data in. Do I have to reaload the webserver at every renewal for the third step stated here?
To answer the first part, basically you can’t mix “certonly” with the “-apache” flag. The apache flag alters your Apache config, so it’s not “only” obtaining a cert. Certonly works with “standalone” or “webroot”.
To renew, just use the option “renew” and nothing else. That is, “letsencrypt renew”. Create a cron job or something and you’re done! The guide advises that you run the cron daily, but I’m running it weekly (I figure if the LE system is down, I still have two or three attempts before expiry).
There’s also a new flag introduced in v0.5 which allows you to run the command silently, so you won’t get an email if nothing goes wrong. (Sorry, I can’t remember it off the top of my head.)
Oh, and don’t forget to add “apache reload” or “postfix reload” to your cron job
The original rationale of the post to the other thread was the “Correct zName not found for TLS SNI challenge” issue covered and basically still not solved there. Since I have multiple further issues I did not even attempt to ask about I somehow ended up crossposting due to not knowing where to start with all these issues. Apart from that with all these commands I am sharing here are from just following step by step tutorials “out there”. So there is obviously heaps of b… Never mind. You covered what I wanted to know and what I do wrong. Thank you for your help!
Thank you for your help!