Difference between revisions of "Template:Let’s Encrypt/New Cert Command"

From wiki
(Rename script)
(Make post command optional)
 
(One intermediate revision by the same user not shown)
Line 6: Line 6:
 
"params": {
 
"params": {
 
"domain": {
 
"domain": {
"description": "For wich domain will you certificate be issued",
+
"description": "For which domain will you certificate be issued",
 
"example": "wiki.example.com",
 
"example": "wiki.example.com",
 
"type": "string",
 
"type": "string",
Line 15: Line 15:
 
"example": "service nginx restart",
 
"example": "service nginx restart",
 
"type": "string",
 
"type": "string",
"required": true
+
"suggested": true
 
},
 
},
 
"beforeCommand": {
 
"beforeCommand": {
Line 32: Line 32:
 
</noinclude><includeonly>{{#tag:syntaxhighlight|
 
</noinclude><includeonly>{{#tag:syntaxhighlight|
 
{{#if: {{{beforeCommand|}}} | {{{beforeCommand}}} }}
 
{{#if: {{{beforeCommand|}}} | {{{beforeCommand}}} }}
# /usr/local/sbin/certmanage
+
$ sudo /usr/local/sbin/certmanage
 
Renewing certificate for {{{domain}}} that will expire on 0001-01-01
 
Renewing certificate for {{{domain}}} that will expire on 0001-01-01
  
 
+
Saving debug log to /var/log/letsencrypt/letsencrypt.log
 +
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
 +
Obtaining a new certificate
 +
Performing the following challenges:
 +
http-01 challenge for {{{domain}}}
 +
Using the webroot path /var/www/acme-challenge for all unmatched domains.
 +
Waiting for verification...
 +
Cleaning up challenges
 +
Generating key (2048 bits): /etc/letsencrypt/keys/1764_key-certbot.pem
 +
Creating CSR: /etc/letsencrypt/csr/1764_csr-certbot.pem
  
 
IMPORTANT NOTES:
 
IMPORTANT NOTES:
 
  - Congratulations! Your certificate and chain have been saved at
 
  - Congratulations! Your certificate and chain have been saved at
   /etc/letsencrypt/live/{{{domain}}}/fullchain.pem. Your
+
   /etc/letsencrypt/live/{{{domain}}}/fullchain.pem. Your cert
   cert will expire on {{#time: Y-m-d | now + 90 day}}. To obtain a new version of the
+
   will expire on {{#time: Y-m-d | now + 90 day}}. To obtain a new or tweaked version of
   certificate in the future, simply run Let's Encrypt again.
+
   this certificate in the future, simply run certbot again. To
  - If you like Let's Encrypt, please consider supporting our work by:
+
  non-interactively renew *all* of your certificates, run "certbot
 +
  renew"
 +
  - If you like Certbot, please consider supporting our work by:
  
 
   Donating to ISRG / Let's Encrypt:  https://letsencrypt.org/donate
 
   Donating to ISRG / Let's Encrypt:  https://letsencrypt.org/donate
 
   Donating to EFF:                    https://eff.org/donate-le
 
   Donating to EFF:                    https://eff.org/donate-le
  
Restarting services:
+
{{#if: {{{command|}}} | Restarting services:
{{{command}}}
+
{{{command}}} }}
 
|lang="console"}}</includeonly>
 
|lang="console"}}</includeonly>

Latest revision as of 09:41, 2 April 2017

Description

Show Let’s Encrypt command to create a new certificate

Template parameters

ParameterDescriptionTypeStatus
Domaindomain

For which domain will you certificate be issued

Example
wiki.example.com
Stringrequired
Commandcommand

Command to be run after certificate creation

Example
service nginx restart
Stringsuggested
Before CommandbeforeCommand

Command to be run before getting the certificate

Example
# service nginx reload
Stringoptional

Example

{{Let’s Encrypt/New Cert Command|domain=example.com|command=service nginx reload}}

$ sudo /usr/local/sbin/certmanage
Renewing certificate for example.com that will expire on 0001-01-01

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for example.com
Using the webroot path /var/www/acme-challenge for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/1764_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/1764_csr-certbot.pem

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at
   /etc/letsencrypt/live/example.com/fullchain.pem. Your cert
   will expire on 2025-02-19. To obtain a new or tweaked version of
   this certificate in the future, simply run certbot again. To
   non-interactively renew *all* of your certificates, run "certbot
   renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Restarting services:
service nginx reload