Is it possible to have a certificate issued in a completely automated way, for example as part of provisioning a new host?
I haven’t been able to figure out yet how to get a certificate issued without the interactive terminal UI popping up, although I am close. If I run it like so:
letsencrypt --server https://acme-v01.api.letsencrypt.org/directory \
-d foo.example.net --agree-dev-preview --agree-tos \
certonly
The UI pops up and asks me only for my email address. It looks like the --account
option is the way to go, but if I provide my email address with it:
letsencrypt --server https://acme-v01.api.letsencrypt.org/directory \
-d foo.example.net --agree-dev-preview --agree-tos --account joe@example.net \
certonly
I get the error:
Account at /etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/joe@example.net does not exist
Ultimately I’d like to add this as a template to something like ansible so we can get certificates issued automatically for new hosts as we provision them, but that means it needs to be completely free of any human interaction.
Anyone have any ideas? Am I heading in the right direction?