Script letsencrypt multidomain


#1

hi,
I am looking to make a script to renew automatic multi domain letsencrypt

Here is the script that I retrieved on the net and that I adapted

"#! / Bin / sh

DOMAIN = prod-cald-sooner.universcine.com www.cinemasalademande.com

move to the correct let’s encrypt directory

cd / etc / letsencrypt / live / $ DOMAIN

cat files to make combined .pem for haproxy

cat fullchain.pem privkey.pem> /usr/local/etc/haproxy/certs/$DOMAIN.pem

reload haproxy

/ usr / sbin / service haproxy reload "

I then did:

sudo certbot renew --dry-run

And he put me several error messages:

Attempting to parse the version 0.23.0 renewal configuration file found at /etc/letsencrypt/renewal/www.cinemasalademande.com.conf with version 0.14.2 of Certbot This might not work.
Cert not due for renewal, but simulating renewal for dry run
Could not choose appropriate plugin: The requested apache plugin does not appear to be installed
Attempting to renew cert from /etc/letsencrypt/renewal/www.cinemasalademande.com.conf produced an unexpected error: The requested apache plugin does not appear to be installed. Skipping.
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)

The following certs were successfully renewed:
/etc/letsencrypt/live/prod-cald-sooner.universcine.com/fullchain.pem (success)

The following certs could not be renewed:
/etc/letsencrypt/live/prod-cald-sooner.universcine.com-0001/fullchain.pem (failure)
/etc/letsencrypt/live/www.cinemasalademande.com/fullchain.pem (failure)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)


#2

Hi @mattmurdock78,

There are lots of things to comment on here:

This needs to be #!/bin/sh, not #! / Bin / sh.

And this needs to be cd /etc/letsencrypt/live/$DOMAIN. However, it doesn’t make sense with multiple domains, only with a single domain.

This script appears to be something like what Certbot called a deploy script, which is meant to be run by Certbot after a successful renewal has happened in order to make use of the newly-renewed certificates in an appropriate way. However, it’s not quite right for that purpose, because it’s hard-coded the domain name. It would be helpful to know exactly what you’re trying to do with this script.

This shows that you have both certbot (from your operating system package manager) and certbot-auto (from having downloaded it from our site) installed on your system at the same time. They continue to be distinct and have separate versions. You should probably continue to use certbot-auto rather than certbot.

This may be possibly also be due to the certbot vs. certbot-auto issue.


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.