Created
November 23, 2022 08:56
-
-
Save einari/2de63fdf2c761298debd5cbd7ae16851 to your computer and use it in GitHub Desktop.
Script for creating a Lets Encrypt certificate using Certbot and then exporting to .pfx file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| sudo certbot \ | |
| certonly \ | |
| --server https://acme-v02.api.letsencrypt.org/directory \ | |
| --manual \ | |
| --agree-tos \ | |
| --preferred-challenges dns \ | |
| --register-unsafely-without-email \ | |
| -d *.domain. # Wildcard - could be regular and one can also specify multiple -d options to include in the certificate | |
| # Copy locally and chown to user | |
| sudo cp /etc/letsencrypt/live/<domain>/cert.pem . | |
| sudo cp /etc/letsencrypt/live/<domain>/chain.pem . | |
| sudo cp /etc/letsencrypt/live/<domain>/fullchain.pem . | |
| sudo cp /etc/letsencrypt/live/<domain>/privkey.pem . | |
| sudo chown $(whoami) *.pem | |
| # Export to pfx | |
| openssl pkcs12 -inkey privkey.pem -in cert.pem -export -out certificate.pfx | |
| # Convert to PFX | |
| # https://stackoverflow.com/questions/808669/convert-a-cert-pem-certificate-to-a-pfx-certificate | |
| # | |
| # openssl pkcs12 -inkey privkey.pem -in cert.pem -export -out certificate.pfx | |
| # | |
| # https://stefanos.cloud/kb/how-to-issue-lets-encrypt-certificates-using-certbot-with-dns-validation/ | |
| # | |
| # openssl pkcs12 -export -out certificate.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment