I was hoping to get some guidance or direction on how to approach remote management (renewal) of Let's Encrypt certificates in serverless installations. I have Azure App Services (that run on abstracted compute which I cannot get to or install Certbot on); the configuration of SSL certificates is achieved through the Azure API and is pretty straightforward. I also have Azure DNS for the app service that I can access via API and add TXT records for challenges, etc.
I am entirely able to obtain certificates, add TXT challenges, and upload/configure the certificates from a remote system; however, I am stuck on understanding the best approach to automating this. I have configured Certbot to get all the certificates and some PowerShell to configure the DNS challenges/upload certificates once I have them.
I am stuck on the actual interaction from the client and how I obtain the challenge and then initiate the check. I can run certbot certonly --manual --preferred-challenges dns -d my.domain.com and then I am given the challenge key and a continue prompt.
Is there any programmatic or better/simpler way to obtain the challenge first and then call again (with some pause or something after DNS is in place) to test for the challenge? I guess I am just looking for advice or tips on how to use --manual mode of Certbot (or any other client) with automation remotely for serverless applications. I am not sure if I can grep out plus send sleep commands to continue (after x seconds) in a shell script or something, but I was thinking maybe I am just approaching this all wrong and could get some help.
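
One way to script the flow asked about above, as an added example that is not part of the original post: Certbot's --manual-auth-hook option runs a script in place of the continue prompt and passes it the challenge in the CERTBOT_DOMAIN and CERTBOT_VALIDATION environment variables. The resource group and zone values below are placeholders, and the sketch assumes the az CLI is already logged in with an identity scoped to the DNS zone only.

```sh
#!/bin/sh
# Added example: a Certbot --manual-auth-hook for Azure DNS (not from the original post).
# Certbot sets CERTBOT_DOMAIN and CERTBOT_VALIDATION before it runs the hook.
# Assumed for this sketch: AZ_RG / AZ_ZONE values, and an `az` session already
# logged in as an identity limited to this DNS zone.
AZ_RG="${AZ_RG:-example-rg}"      # placeholder resource group
AZ_ZONE="${AZ_ZONE:-domain.com}"  # placeholder zone name
WAIT_SECS="${WAIT_SECS:-120}"     # give up if the record is not visible by then

# Map a certificate name to the TXT record-set name relative to the zone,
# e.g. my.domain.com in zone domain.com -> _acme-challenge.my
record_set_name() {
  name=$1
  case "$name" in '*.'*) name=${name#??} ;; esac   # wildcards validate at the base name
  case "$name" in
    "$2")   printf '_acme-challenge\n' ;;
    *."$2") sub=${name%."$2"}; printf '_acme-challenge.%s\n' "$sub" ;;
    *)      return 1 ;;                            # never write outside the managed zone
  esac
}

publish_challenge() {
  rs=$(record_set_name "$CERTBOT_DOMAIN" "$AZ_ZONE") || {
    echo "refusing: $CERTBOT_DOMAIN is not in zone $AZ_ZONE" >&2; return 1; }
  az network dns record-set txt add-record -g "$AZ_RG" -z "$AZ_ZONE" \
    -n "$rs" -v "$CERTBOT_VALIDATION" >/dev/null || return 1
  # Poll until a resolver returns the token instead of sleeping a fixed time.
  waited=0
  until dig +short TXT "$rs.$AZ_ZONE" | grep -qF "\"$CERTBOT_VALIDATION\""; do
    if [ "$waited" -ge "$WAIT_SECS" ]; then
      echo "timeout waiting for $rs.$AZ_ZONE" >&2; return 1
    fi
    sleep 10; waited=$((waited + 10))
  done
}

# Do the work only when Certbot invoked us; sourcing the file just defines the functions.
if [ -n "${CERTBOT_DOMAIN:-}" ] && [ -n "${CERTBOT_VALIDATION:-}" ]; then
  publish_challenge || exit 1
fi
```

Saved as an executable file and passed as --manual-auth-hook to the certbot certonly --manual --preferred-challenges dns command above, it lets the run finish without the prompt. A matching --manual-cleanup-hook can delete the TXT value afterwards with az network dns record-set txt remove-record.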