How to automatically detect and update the certificate issued by let's encrypt through getssl

by Devin Yang
(This article was automatically translated.)

Published - 7 years ago ( Updated - 7 years ago )

foreword

It's really great that let's encrypt provides free certificates. However, is it a bit troublesome to update the certificate every three months?
This article introduces how to use getssl to generate SAN certificate settings for multiple domain names, and put them into a schedule for automatic certificate renewal.
It's very simple, just six steps to get it done.

Note: In the following process, I use non-root permissions to set, if you need to use root to restart your nginx host,
 Please adjust the user you installed, or the restart command of the web server.

step

1. Download gessl through git and save it as scripts.
git clone https://github.com/srvrco/getssl scripts

2. For the first use, execute the following command
cd scripts
./getssl -c ccc.tc

Please replace the above name ccc.tc with your own domain name .
It will create a .getssl folder and a ccc.tc directory in your home directory
creating main config file /home/devin_yang/.getssl/getssl.cfg
Making domain directory - /home/devin_yang/.getssl/ccc.tc
creating domain config file in /home/devin_yang/.getssl/ccc.tc/getssl.cfg

3. Use vim to edit the settings, and simply copy the path displayed in the second step.
vim /home/devin_yang/.getssl/ccc.tc/getssl.cfg

4. The following getssl.cfg settings are for reference only, please adjust according to your actual host directory and certificate folder. 
content_copy#選取發送憑證的主機
CA="https://acme-v01.api.letsencrypt.org"
# additional domain names
SANS="www.ccc.tc, devin.ccc.tc, mail.ccc.tc"

#Set the ACME path, because I installed it in the dlaravel environment, and ccc is my project directory.
#Remember to create this directory under public.well-known/acme-challenge
ACL=('/home/devin_yang/dlaravel/sites/ccc/public/.well-known/acme-challenge')
USE_SINGLE_ACL="true"

# Set the credential path
CA_CERT_LOCATION="/home/devin_yang/dlaravel/etc/ssl/cert.crt"
DOMAIN_CHAIN_LOCATION="/home/devin_yang/dlaravel/etc/ssl/fullchain.pem"
DOMAIN_PEM_LOCATION="/home/devin_yang/dlaravel/etc/ssl/privkey.pem"
#D-Laravel's nginx overload instruction
RELOAD_CMD="bash -c 'cd /home/devin_yang/dlaravel; ./console reload'"

#Set host type
​​​​​​​​SERVER_TYPE="https"
Regarding RELOAD_CMD , if you are not using D-Laravel (docker-compose environment), For example: nginx, the reload method in nginx should be nginx -s reload , or in the old version of CentOS or RedHat Apache, you should be able to use service httpd graceful . I will not explain the relevant settings and instructions of the host part. In this article, I assume that the reader has already set the certificate of let's encrypt on the host, and only needs to complete the automatic update function. 5. Manually update the credentials and restart the nginx host cd ~/scripts ./getssl ccc.tc 6. Use crontab to put in the scheduled check every time and update it automatically content_copy15 5 * * * /home/devin_yang/scripts/getssl -u -a -q Supplement: If it is necessary to force the renewal of the certificate, we can use the -f parameter, for example, my SAN has added a new domain name content_copygetssl -f ccc.tc For the certificate setting method on nginx , you can refer to my article: How to configure HTTPS on nginx to get an SSL A+ score from Qualys
livewire/content-tags Tags: dlaravel Devin Yang Feel free to ask me, if you don't get it.:) Follow livewire/comments No Comment Post your comment Login is required to leave comments
close livewire/similar-stories Similar Stories nginx,dlaravel How to configure HTTPS on nginx to get an SSL A+ score from Qualys This article describes how to adjust the ssl settings of nginx so that the website can obtain an SSL report and get an A+ rating. Here I am using letsencrypt free credentials. As long as you use the official Docker nginx new version image preset by D-Laravel, you should be able to achieve the same effect as mine. You can check your host SSL settings through the following. https://www.ssllabs.com/ssltest/index.html dlaravel How to set the external network IP to the Project on D-Laravel? This video introduces how we assign Public Ip (public IP) to a specific Project in the D-Laravel environment. Whether it is the setting of the external production environment or the demo of your own project on the intranet, you can refer to the setting method of this video. In the video, although I used the external network IP of PPPoE dial-up to illustrate, we can also use the local network IP on our own computer if we change it. In this way, colleagues can connect to our D-Laravel Project. dlaravel,docker D-Laravel learning three stages Chat about the three stages of using D-Laravel, why use D-Laravel. Because the configuration files used by D-Laravel are quite simple, it is very suitable for beginners of Docker to learn, And users who do not know how to use Docker can also use the two commands ./console and ./create to create a project. About Me Disclaimer Privacy Licenses © 2025, made with favorite by Devin Yang for a better web. livewire/content-search backspace × livewire/block-content-lists Run OpenSpeedTest with phpenv format_align_left Read Article About the operation of --env in Laravel's artisan This article uses Laravel 9.40.1 for operation. I believe many people know...more format_align_left Read Article Use HAProxy to remove the /mail path of the Sysnolgy Mail Station This article explains the version of DSM7. The Package Center of Synology...more format_align_left Read Article HAProxy and fastapi HAProxy can use the definition of acl to determine which backend the request should direct to. This ...more format_align_left Read Article How do I create a fastapi runtime environment with phpenv phpenv php laravel runs HAProxy, and automatically applies for and updates...more format_align_left Read Article livewire/content-pages ‹‹ 1 2 3 4 5 6 ... 50 51 ›› window.livewire = new Livewire();window.Livewire = window.livewire;window.livewire_app_url = '';window.livewire_token = 'sxc1BQY2BCLFvPEa15yEhEa2YfNQoZJdOZYHkkaK';window.deferLoadingAlpine = function (callback) {window.addEventListener('livewire:load', function () {callback();});};let started = false;window.addEventListener('alpine:initializing', function () {if (! started) {window.livewire.start();started = true;}});document.addEventListener("DOMContentLoaded", function () {if (! started) {window.livewire.start();started = true;}}); /* var usertz = moment.tz.guess(); */ var searchStyle = function() { if ($(window).scrollTop() >= 100) { $("#search").parent().removeClass("has-white").addClass("has-rose"); $("#search").css({ 'color': 'gray' }); } else { $("#search").parent().removeClass("has-rose").addClass("has-white"); $("#search").css({ 'color': 'white' }); } if (window.width < 992) { $("#search").parent().removeClass("has-white").addClass("has-rose"); $("#search").css({ 'color': 'gray' }); } } $(window).resize(function() { if (document.body.clientWidth <= 992) { /* $("#search").parent().removeClass("has-white").addClass("has-rose"); $("#search").css({'color':'gray'}); */ //console.log(document.body.clientWidth); } }); var cleanSearch = function(e) { if (e.which == 21) { Livewire.emitTo('content-search', 'clean'); $("#search").focus(); } } document.getElementById("search").addEventListener("keyup", function(e) { cleanSearch(e); }); //searchStyle(); window.addEventListener('search-updated', event => { $("#search").focus(); }) $(document).on("keydown", function(e) { var code = e.keyCode; }); $(document).on("keypress", function(e) { if (!$("#search").is(":focus")) { console.log("B"); e.preventDefault(); } var code = e.keyCode; console.log(code); if (code == 47) { location.href = "/"; //$('#searchModal').modal('show'); } cleanSearch(e); }); var touchSearch = function(event) { $("#contentModal").modal("hide"); $(event.target).focus(); } $('#searchModal').on('shown.bs.modal', function() { $("#btnSearchModal").parent().fadeOut(); $('#search').trigger('focus'); }) $('#searchModal').on('hidden.bs.modal', function() { $("#btnSearchModal").parent().fadeIn(); $(document).trigger('focus'); }) var modalClose = function(modalId) { console.log("close modalId" + modalId); $("#" + modalId).modal("hide"); } $("#contentModal").on("shown.bs.modal", function(event) { var modal = $(this); modal.find("pre:has('code')").prepend('<span class="material-icons copy_code_to_text" onClick="copy_code_to_text(event,true)">content_copy</span>'); $("#contentModalCloseButton").show(); }); $('#contentModal').on('hidden.bs.modal', function() { var page = Livewire.emitTo('block-content-lists', 'getPage'); window.history.pushState('page', '3C Tech Center', "/?page=" + page); $("#contentModalCloseButton").hide(); }); Livewire.hook('element.initialized', (el, component) => { $("code").each(function(i, elm) { //Prism.highlightAll(elm); }); }) window.addEventListener('set-content-url', event => { var url = event.detail.url; var title = event.detail.title; var elm = $("div.modal-body").html(); $("#searchModal").modal("hide"); Prism.highlightAll(elm); FB.XFBML.parse(); try { window.history.pushState('page', title, url); document.title = title; } catch (e) { console.log(e); } $("#contentModal").modal("show"); }) //localStorage.clear(); var go_privacy = function() { localStorage.setItem("notify_cookie", "1"); location.href = "/privacy"; } var switch_lang = function(event,lang){ event.preventDefault(); const regex = /(^https:\/\/)\w+(\..+)/gm; var url = location.href.replace(regex,"\$1"+lang+"\$2"); location.href = url; } var cookie_notify = function() { toastr.options = { "closeButton": true, "debug": false, "newestOnTop": true, "progressBar": false, "positionClass": "toast-bottom-full-width", "preventDuplicates": false, "onclick": null, "showEasing": "swing", "hideEasing": "linear", "timeOut": 6000000, "extendedTimeOut": 6000000, "iconClasses": {"warning":"dark"} } if (localStorage.getItem("notify_cookie") == undefined) { toastr.warning( `In order to provide you with better services, this website uses cookies. By continuing to browse the web, you agree to our cookies policy. To understanding <button class='btn btn-danger btn-sm' onClick="go_privacy()" type="button" class='text-primary'><b>PRIVACY</b></button> ` ); } } cookie_notify(); if (window.history && history.pushState) { // check for history api support this.addEventListener('popstate', function(event, state) { modalClose('contentModal'); }); } var copy_code_to_text = function(event, is_modal=false) { toastr.remove() toastr.options = { "closeButton": false, "debug": false, "newestOnTop": false, "progressBar": true, "positionClass": "toast-top-right", "preventDuplicates": false, "onclick": null, "showDuration": "300", "hideDuration": "1000", "timeOut": "3000", "extendedTimeOut": "1000", "showEasing": "swing", "hideEasing": "linear", "showMethod": "fadeIn", "hideMethod": "fadeOut" } event.preventDefault(); var x = document.createElement("textarea"); if(is_modal){ var code = $(event.target).next(); console.log(code.text()); x.value = code.text(); $(event.target).append(x); x.select(); document.execCommand("copy"); x.remove(); }else{ x.value = $(event.target).parent().find("code").text(); document.body.appendChild(x); x.select(); document.execCommand("copy"); x.remove(); } toastr.info("已拷贝!") } $("pre:has('code')").prepend('<span class="material-icons copy_code_to_text" onClick="copy_code_to_text(event)">content_copy</span>');
In order to provide you with better services, this website uses cookies. By continuing to browse the web, you agree to our cookies policy. To understanding