I created a couple of scripts
1/ the script to create the certs
root@groupmgt:~# cat createCert.sh
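#!/bin/ksh
#######################################
### create cert with letsencrypt    ###
#######################################
# Usage: createCert.sh DOMAIN_LIST
#   DOMAIN_LIST holds one domain name per line. Without an argument the
#   script reads /dev/null and therefore requests nothing.
#
# The interpreter line must be the very first line of the file; placed below
# the banner it is only a comment and the kernel ignores it.

file="${1:-/dev/null}"

# Directory the web server publishes for the HTTP-01 challenge files.
# /tmp stays the default so an existing setup keeps working, but it is
# world-writable: every local account can write into the tree that is served
# for domain validation. Prefer a root-owned directory that is exposed only
# under /.well-known/acme-challenge/ and point WEBROOT at it.
webroot="${WEBROOT:-/tmp}"

while IFS= read -r domain
do
    # A blank line would otherwise reach letsencrypt as an empty -d value.
    [ -n "$domain" ] || continue

    echo "=================================="
    printf '%s\n' "$domain"
    #ping -c 1 $domain
    #
    # run command letsencrypt
    # --renew-by-default requests a new certificate on every run, even while
    # the current one is still valid; frequent runs can hit the CA's rate limits.
    # stdin comes from /dev/null so that a prompt, should one ever appear,
    # cannot swallow the remaining lines of the domain list.
    letsencrypt certonly --text --webroot --webroot-path "$webroot" -d "$domain" --renew-by-default --agree-tos --email rcveen@gmail.com </dev/null
    echo "=================================="
done <"$file"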
the second script will create the pem files for haproxy
root@groupmgt:~# cat createCert.sh
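#!/bin/ksh
#######################################
### create cert with letsencrypt    ###
#######################################
# Usage: createCert.sh DOMAIN_LIST
#   DOMAIN_LIST holds one domain name per line. Without an argument the
#   script reads /dev/null and therefore requests nothing.
#
# The interpreter line must be the very first line of the file; placed below
# the banner it is only a comment and the kernel ignores it.

file="${1:-/dev/null}"

# Directory the web server publishes for the HTTP-01 challenge files.
# /tmp stays the default so an existing setup keeps working, but it is
# world-writable: every local account can write into the tree that is served
# for domain validation. Prefer a root-owned directory that is exposed only
# under /.well-known/acme-challenge/ and point WEBROOT at it.
webroot="${WEBROOT:-/tmp}"

while IFS= read -r domain
do
    # A blank line would otherwise reach letsencrypt as an empty -d value.
    [ -n "$domain" ] || continue

    echo "=================================="
    printf '%s\n' "$domain"
    #ping -c 1 $domain
    #
    # run command letsencrypt
    # --renew-by-default requests a new certificate on every run, even while
    # the current one is still valid; frequent runs can hit the CA's rate limits.
    # stdin comes from /dev/null so that a prompt, should one ever appear,
    # cannot swallow the remaining lines of the domain list.
    letsencrypt certonly --text --webroot --webroot-path "$webroot" -d "$domain" --renew-by-default --agree-tos --email rcveen@gmail.com </dev/null
    echo "=================================="
done <"$file"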
root@groupmgt:~# cat createAll_PEM.sh
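#!/bin/sh
# Build one combined PEM (private key + full chain) per certificate for
# HAProxy from the directories under /etc/letsencrypt/live.
#
# Every combined file contains the private key, therefore:
#   - the key is never copied to stdout (a caller that appends this script's
#     output to a log file would otherwise store the key in that log);
#   - files created here are readable by their owner only. HAProxy usually
#     loads certificates as root before dropping privileges; if yours does
#     not, grant access through group ownership rather than a wider umask.
umask 077

live_dir=/etc/letsencrypt/live
all_dir=/etc/letsencrypt/all    # what ../../all resolves to from live/<name>
list_file=/root/Alldirs.txt
status=0

echo "================================"
echo "=== CREATE INPUT FILES ==="
echo "================================"
cd "$live_dir" || { echo "cannot enter $live_dir" >&2; exit 1; }

# List directories only: a plain file in live/ is not a certificate lineage.
for entry in */
do
    [ -d "$entry" ] || continue
    printf '%s\n' "${entry%/}"
done > "$list_file"

while IFS= read -r dir
do
    echo "dir:$dir"
    if ! cd "$live_dir/$dir"; then
        echo "skipped: cannot enter $live_dir/$dir" >&2
        status=1
        continue
    fi
    ls -l
    if [ ! -f privkey.pem ] || [ ! -f fullchain.pem ]; then
        echo "skipped: $dir has no privkey.pem/fullchain.pem" >&2
        status=1
        continue
    fi
    # Plain redirection instead of "| tee": tee would also print the private
    # key on stdout.
    if cat privkey.pem fullchain.pem > haproxy.pem &&
       cat privkey.pem fullchain.pem > "$dir.pem" &&
       cp -- "$dir.pem" "$all_dir/."
    then
        echo "created: $dir/haproxy.pem"
    else
        echo "failed: $dir/haproxy.pem" >&2
        status=1
    fi
done < "$list_file"
echo "================================"
echo "=== DONE : all haproxy.pem created ==="
exit "$status"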
And the third script will update the certs and update the haproxy part
root@groupmgt:~# cat refreshCert.sh
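#!/bin/sh
# Renew the certificates, then rebuild the combined PEM files for HAProxy.
# Both steps always run; the exit status is non-zero when either one failed,
# so a failed renewal is no longer hidden behind the second command.
#
# stdout of createAll_PEM.sh is appended to /var/log/cert_createPEM.log.
# That script handles private keys: keep its stdout free of key material and
# keep this log readable by root only.
status=0
/usr/bin/letsencrypt renew >> /var/log/certRenewal.log || status=1
/root/createAll_PEM.sh >> /var/log/cert_createPEM.log || status=1
exit "$status"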
The haproxy part, like installation and restarting after the created PEM files are updated, is something which will not be written out in this section 🙂