Hi All,
I've recently renewed a wildcard SSL for my domain vinayhegde.info via the certbot-auto utility due to issues with the certbot package on my System. You can find the command that I ran & it's output
sudo /path-to-/certbot-auto certonly --manual -d vinayhegde.info -d "*.vinayhegde.info" --agree-tos --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
Now I'm looking to automate its renewal every 90 days via a script that I'll use via a crontab on my server to run at periodic intervals and I've a few questions regarding the same:
-
Since I had to pass two flags in the domains on generation because a wildcard SSL doesn't cover the root domain, I had to create two TXT records for LetsEncrypt validation. Is this necessary every time?
-
Also, my DNS is managed via Cloudflare and after searching around, I found this post that has an embedded link to a blog post on how to proceed via API calls to most DNS providers create those TXT records & delete them as well. Is this the way to go when we renew the SSL via the above command in the certbot-auto utility or are there any other alternatives (read: easier)?
-
The script in point 2 has two arguments that can be passed create OR delete but it seems as if only the former is explicitly defined. What actually happens when we issue the delete argument?
@_az @bmw @Osiris @schoen, I'd greatly appreciate if you guys could please take a moment to weigh in with your recommendations here.
Do let me know if I can provide any more information.
Thanks & cheers,
Vinay