Windows assume identity

ggg · August 2, 2020, 2:09pm

I am trying to determine if webroot or manual mode is better for me.

I need to run as a particular service account for placement. I could use symlinks to make placement transparent to certbot.

Is there a way to hook in when the command runs automatically (i.e. via the renew job created in the task scheduler) to assume the identity of a group managed service account with the webroot plugin? I am worried about manually modifying the tasks as it might break in the future as installation is upgraded.

Or will this require the manual mode?

9peppe · August 2, 2020, 2:12pm

You can run certbot as its user, and use --deploy-hook to run a script that assumes another identity and installs the certificate.

ggg · August 2, 2020, 4:34pm

Thanks. I thought that was renew only

system · September 1, 2020, 4:34pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Certbot Non-root automatic renewal Help	6	106	January 1, 2025
Certbot Renew Task -Windows Setting Help	14	1859	July 29, 2023
Renewal: is it possible to run it same as new issue with --webroot? Help	10	734	September 30, 2020
Use on windows server Help	5	677	August 29, 2020
Certbot must be run as root but I need it to create the files with a different owner Help	13	6059	June 10, 2021

Windows assume identity

Related topics