Certbot --nginx other options?


#1

Hello,

I am using certbot --nginx to generate certificates for new sites that I add to my nginx configuration. When I add a new nginx conf file (example: sub.newdomain.com.conf), I am running this command to generate the cert for this new domain/conf file. I want to automate this entire process via some script or server function, but the certbot --nginx command requires manually interaction. First it asks which conf file to use (so I provide that) then it asks whether or not to add redirect (and I provide my answer).

Is there any way for me provide these instructions as part of the command?


#2

Hi @turbopgt

you can use a config file:

And you can add

--redirect

or

--no-redirect 

#3

Yes.

But it still needs some human intervention (for the first issuance)

-d was supposed to specify the FQDNs you wished to include in that certificate. (Example: -d example.com -d www.example.com -d thisisatest.example.com)

and as @JuergenAuer mentioned above, you could use --no-redirect or --redirect to specify if you want certbot to set up redirection.

FYI: if a certificate is close to expiration and you want to renew it, just run certbot renew. (this command could be used inside cron or systemd timers.

Thank you


#4

Thank you this helped me a lot.

I am now able to run:

certbot --nginx -d www.example.com --no-redirect

And the result is a fully automated deployment. This command is now part of a larger script that is also generating the site-specific nginx conf file prior to this step.

For the curious, the only reason I have set --no-redirect is because the conf file being generated already has a redirect in place.