I have 3 servers, I created a letsencrypt wildcard certificate and verified it in cloudflare.
I’m writing a bash script that should renew the certificate, ssh to all the servers and place the certificate in the appropriate location then restart the web servers.
when the dns certificate expires and I need to test and see if my bash script runs correctly. If I run this command now, the certificate hasn’t yet expired so I’m going to be asked two questions, so it’s not going to be the same output if the certificate expires.
I need to create a scenario that I can use to test my script.
I use the following shell function to get the expiry time expressed in seconds since the epoch. After that it is just simple integer math with the current datetime also expressed in the same format.
So this returns the expiry date, perfect thank you so much! I also need to know what happens when I run the auto renew, I need to simulate it.
Like do I need to write yes? do I need to connect the cloudflare’s api? you know, I haven’t found a decisive answer on how to renew dns wildcard so I need to run certbot to see the output in the terminal and see what actions need to be taken.
I wouldn’t recommend running certbot like this. Certbot is meant to be run on it’s own (if I’m not mistaken). The idea is that necessary steps before, during or after the issuing/renewing of the certificate are ran by certbot self. It has multiple options which allow commands and/or scripts to be run on different times in the renewal process.
Especially for the manual plugin this is required: when using --manual without the required “hooks”, certbot will ask you tasks and questions about the required TXT records and require manual input. The idea is to use scripts in those “hooks”, so certbot can run without any interaction by the user.
It is if he/she wants to implement automated renewal and wants to test the "does this certificate needs renewal or not" function.
In any case, you can't force a certificate to expire: a certificates "Not after" date and time is an essential part of the certificate and is signed by the signing private key. This cannot be altered.
Put the files from here in /root/
Replace YOUR_TOKEN_HERE with your Cloudflare API token
I’ve tinkered with this script till it worked for me. Hopefully, it works for you