I am trying to generate ssl certificate for my domain using certbot.
I am running(automatically in a script) command sudo certbot --nginx -d example.com -d www.example.com
This command is running good, but it is showing suggestion
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
I am running the command in a script, so it am unable to select any of above option. Please let me know, how can i remove this above suggestion or pass the param for this suggestion in the command.
Hello @JuergenAuer
Thanks for your response. It is the requirement of our client, to automate all the process. It would be very helpful if you can help me in this.
If you're getting that question, you're not properly automating things and you should modify your process.
Please write a proper script with proper certbot commands not leading to running this specific command (for issuing a first certificate) when a certificate already exists.
Bypassing this certbot question should not be your question here, it's a sign your not properly implementing certbot.
@Osiris above mentioned command was the only certbot command, I am using in my script. I am new in certbot, it would be helpful if you can guide how can I use certbot or any other certbot command to generate certificate in the automation process.
certbot renew. It's even possible that certbot was set up with a scheduled task (systemd timer or cron job) to do this periodically anyway--it's recommended to run it once or twice a day. And, of course, the certbot docs are your friend.
First, you must figure out what the GOAL of a certain command is. In your first post you say you want to "generate ssl certificate", but the output of the command you've used says you already have a certificate. So your goal obviously wasn't generating a certificate, as you already had one.
If your goal indeed was to test the command for first issuance of a certificate, but you're still testing stuff, you should ask yourself why certbot is asking questions when you already have a certificate: in that case your script testing isn't well designed.
So in essence: if the goal of your certbot command was to actually issue a first certificate, the command works perfectly in itself, but it's your script which is doing strange stuff (asking for a second certificate where there already is one).
Hopefully this clears some things up.
Also, please note the following: I have the strong feeling you're still experimenting and testing. If that's indeed the case, please use the staging environment for testing purposes if you didn't do so already.
@Osiris
The command sudo certbot --nginx -d example.com -d www.example.com in my automation script is showing below suggestion in terminal. How can I do this in my command rather than selecting option manually in terminal.
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
Add --redirect to automatically choose to redirect http to https.
Add --no-redirect to automatically choose not to redirect http to https
Incidentally, that question isn't actually asked by modern versions of certbot (--redirect is automatic), so you might want to consider updating your certbot if possible.
As @Osiris mentioned, be sure to use something like this: