How to renew SSL with certbot via AWS Beanstalk commands?

francisrod01 · February 8, 2018, 2:17pm

Continuing the discussion from Updating my e-mail address with certbot:

How can I renew this way with AWS Beanstalk file commands?

I have a file with all commands to build a website in AWS EBS.

The file that call to certbot command as below.
This is a good sh file. I still working with it until works fine.

/etc/letsencrypt/configs/generate-cert.sh:
    mode: "000664"
    owner: root
    group: root
    content: |
      #!/bin/sh

      _EMAIL=
      _DOMAIN=

      while getopts ":e:d:" OPTION;
      do
        case "${OPTION}" in
          "e") _EMAIL="${OPTARG}";;
          "d") _DOMAIN="${OPTARG}";;
        esac
      done

      if [ -z "${_EMAIL}" ]; then
        echo "Param email isn't specified!"
      fi

      if [ -z "${_DOMAIN}" ]; then
        echo "Param domain isn't specified!"
      fi

      if [ -n "$_EMAIL" ] && [ -n "$_DOMAIN" ]; then
        cd /opt/certbot/
        ./certbot-auto certonly \
          --debug --non-interactive --email ${_EMAIL} \
          --webroot -w /usr/share/nginx/html --agree-tos -d ${_DOMAIN} --keep-until-expiring
      fi

      if [ $? -ne 0 ]
        then
          ERRORLOG="/var/log/letsencrypt/letsencrypt.log"
          echo "The Let's Encrypt cert has not been renewed!\n" >> $ERRORLOG
        else
          /etc/init.d/nginx reload
        fi
      
      exit 0

– I think that this sh file needs to more information about the website and me.

The container commands as below:

container_commands:
  00_removeconfig:
    command: "rm -f /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf"
  01_copy_conf_file:
    command: "cp /etc/letsencrypt/configs/http_proxy.pre /etc/nginx/conf.d/http_proxy.conf; /etc/init.d/nginx reload"
  02_createdir:
    command: "mkdir /opt/certbot || true"
  03_installcertbot:
    command: "wget https://dl.eff.org/certbot-auto -O /opt/certbot/certbot-auto"
  04_permission:
    command: "chmod a+x /opt/certbot/certbot-auto"
  05_getcert:
    command: "sudo sh /etc/letsencrypt/configs/generate-cert.sh -e ${CERT_EMAIL} -d ${CERT_DOMAIN}"
  06_link:
    command: "ln -sf /etc/letsencrypt/live/${CERT_DOMAIN} /etc/letsencrypt/live/ebcert"
  07_copy_ssl_conf_file:
    command: "cp /etc/letsencrypt/configs/https_custom.pos /etc/nginx/conf.d/https_custom.conf; /etc/init.d/nginx reload"
  08_cronjob_renew:
    command: "sudo sh /etc/letsencrypt/configs/generate-cert.sh -e ${CERT_EMAIL} -d ${CERT_DOMAIN}"

The command 08_cronjob_renew is lot there, but it can run to renew in somewhere.

Please I need a help.

system · March 10, 2018, 2:17pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to renew the Let's Encrypt certificate? On Ubuntu @ EC2 instance of AWS Help	12	5912	February 21, 2021
Looking for the certbot equivalent to this old /opt/letsencrypt command Help	11	2080	November 24, 2018
Unable to renew SSL certificate using certbot Help	19	4082	August 4, 2022
The renew command output said it's not needed to renew, but when I visit demo.seafile.com, the browser told me "the certificate expired..." Help	4	1310	September 1, 2017
I can't renew my certificate with certbot renew command Help	3	252	March 19, 2024

How to renew SSL with certbot via AWS Beanstalk commands?

Related topics