Running certbot behind proxy

reismade · June 15, 2021, 10:20am

Hi,

I'm running certbot on a server (RHEL 8) behind a company proxy. It works well if I set the proxy via environment variable (export https_proxy=...). After I set https_proxy, the auto-renewal worked for quite a while.

However, during the last maintenance window, probably some RHEL update was installed, or whatever it was, but https_proxy wasn't set anymore. I didn't notice, and some certs expired. I need a more permanent way to set the proxy. I know how to do it when it's triggered by a cron job, but since I installed the certbot as a snap, I don't have a clue anymore what exactly triggers the certbot or where to set the proxy. Please advice.

Regards,
Mario

_az · June 15, 2021, 10:28am

Since it is a systemd unit, something like this might work:

$ cat /etc/systemd/system/snap.certbot.renew.service.d/override.conf
[Service]
Environment=HTTPS_PROXY=https://192.168.0.1

(can also create the file by using systemctl edit snap.certbot.renew.service and pasting the two lines in).

_az · June 15, 2021, 11:16am

Also don't forget to systemctl daemon-reload afterwards for it to take effect!

system · July 15, 2021, 11:16am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Making certbot use an HTTP proxy? Help	2	589	September 14, 2022
Certbot cron renewal not working with proxy Help	7	2056	October 17, 2019
Making sure auto-renewal is enabled with certbot Help	10	20581	October 16, 2023
Snap install of certbot on ubuntu 22 - renew process Help	10	2755	June 1, 2023
Configuring Certbot to connect via proxy Help	9	2983	March 2, 2022

Running certbot behind proxy

Related topics