Modify renewal file to include more parameters

pryrios · March 11, 2019, 1:04pm

Yup, searching a little bit more I eneded up on:

and:

github.com/certbot/certbot

Option to update renewal configuration

opened 10:55PM - 04 Apr 18 UTC

closed 04:07PM - 01 Jun 23 UTC

jmorahan

feature request area: renewal needs-update

As discussed at https://community.letsencrypt.org/t/how-to-regenerate-renewal-co…nfig-file/58628 It might be useful to have a method to safely update the renewal configuration for an existing certificate without actually renewing the certificate. Something like this maybe? `certbot certonly --reconfigure-only --cert-name example.com --apache -d example.com` So basically the existing interface for updating the config for an existing certificate, but with an additional option to not actually issue a cert immediately. Instead it could attempt a test issuance against the staging endpoint to verify that the updated settings would succeed in renewing the certificate, then write the updated options (but with account details for the live endpoint) to the existing renewal configuration file.

So ill luck modifying the configuration files. Just for completion sake, I think that changing the file to:

# renew_before_expiry = 30 days 
version = 0.31.0 
archive_dir = /path/to/certs_folder 
cert = /path/to/cert.pem 
privkey = /path/to/privkey.pem 
chain = /path/to/chain.pem 
fullchain = /path/to/fullchain.pem 

# Options used in the renewal process 
[renewalparams] 
authenticator = dns-cloudflare
installer = apache 
account = <ACCOUNT_KEY> 
server = https://acme-v02.api.letsencrypt.org/directory
dns_cloudflare_credentials = /home/pryrios/.secrets/cloudflare.ini

may do the trick, but nonetheless I prefer certbot to manage this file as instructed on documentation. (changes are to authenticator and adding dns_cloudflare_credentials param).