Which VirtualHosts would you like to install the wildcard certificate for?

cguroo · May 24, 2018, 2:39am

While trying to generate and install a batch of certificate automatically through ansible, I am issuing the following command.

certbot -d *.example.in -d example.in -a dns-cloudflare -i apache -n --email info@example.com --agree-tos --expand --redirect --no-eff-email --keep-until-expiring

Upon which Its throwing the following error.

..."Missing command line flag or config entry for this setting:", "Which VirtualHosts would you like to install the wildcard certificate for?"...

Now, since its noninteractive I need to pass my choices via flags, so is there a flag to address the above prompt.

rg305 · May 24, 2018, 2:45am

try adding
certonly

[edit]
You should probably check:
certbot certificates
(before and after your test)

Once successful, you should be able to reference it via the new cert-name.
And it would also have a renewal conf file - which could reduce future renewals to just:
cerbot renew --cert-name <new.cert.name>

You will, however, be required to update any vhost files that will be using the new wildcard cert (but just once).

_az · May 24, 2018, 3:34am

It doesn’t seem as though Certbot’s Apache plugin provides a way to solve this non-interactively.

I would agree that certonly and pre-configuration of the virtualhost is probably better for Ansible. It more closely follows the concept of idempotency anyway, since the Apache plugin will alter your configuration.

cguroo · May 24, 2018, 2:25pm

So for the moment, I just went with using the “expect” module from ansible and reverted the installation mode back to interactive, then from the installation prompt input the choice, so that, I didn’t have to depend on any automation flag.

Osiris · May 24, 2018, 7:35pm

If there isn’t an issue on the certbot github page about this, it might me good to open one

system · June 23, 2018, 7:35pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.