LetsEncrypt SSL cert renewal using dedicated HTTP server and autorenewal script
- Run dedicated HTTP server
docker run --name letsencrypt-dedicated-http -v <path-to-challenge-folder>:/opt/challenge -p 80:80 -d mlenic/letsencrypt-dedicated-http
- Fetch SSL certificates
docker run -it --rm -v <path-to-letsencrypt>:/etc/letsencrypt -v <path-to-challenge>:/opt/challenge certbot/certbot certonly --webroot -w /opt/challenge -d <domain-name> --email <your-email> --agree-tos
- Replace <path-to-letsencrypt> and <path-to-challenge> in renew.sh with the paths used in step #2
docker run --rm -v <path-to-letsencrypt>:/etc/letsencrypt -v <path-to-challenge>:/opt/challenge certbot/certbot renew
- Set up automatic SSL certificate renewal (once a week)
$ crontab -e
0 10 * * 2 bash <path-to-renew.sh>
- both challenge and letsencrypt folders should be empty before starting the steps
- to fetch certificates for multiple domains just add another -d parameter in step #2
docker run -it --rm -v <path-to-letsencrypt>:/etc/letsencrypt -v <path-to-challenge>:/opt/challenge certbot/certbot certonly --webroot -w /opt/challenge -d <domain-name> -d <second-domain-name> -d <third-domain-name> --email <your-email> --agree-tos
- you can create your docker image with custom nginx configuration. Just update nginx.conf and build docker image from Dockerfile
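
A cron-oriented variant of the renewal step, as an added example rather than the project's own renew.sh: it runs the certbot container without a terminal, mounts the challenge folder next to the LetsEncrypt folder, and refuses to overlap with a run that is still in progress. The default host paths, the lock location and the --run argument are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the project's renew.sh. Host paths and the --run
# argument are assumptions; override the paths through the environment.
LE_DIR="${LE_DIR:-/srv/letsencrypt}"              # assumed <path-to-letsencrypt>
CHALLENGE_DIR="${CHALLENGE_DIR:-/srv/challenge}"  # assumed <path-to-challenge>
LOCK_DIR="${LOCK_DIR:-/tmp/letsencrypt-renew.lock}"
DOCKER="${DOCKER:-docker}"                        # overridable for a dry run

# Return 0 when both host folders look usable, else say why and return 1.
check_dirs() {
  [ -d "$LE_DIR/renewal" ] || { echo "no renewal configs under $LE_DIR" >&2; return 1; }
  [ -d "$CHALLENGE_DIR" ] || { echo "missing challenge folder $CHALLENGE_DIR" >&2; return 1; }
}

# Start the certbot container.
# No -it: cron provides no terminal, and `docker run -it` then aborts with
# "the input device is not a TTY".
# The challenge folder is mounted so the HTTP-01 file certbot writes to
# /opt/challenge is the one the dedicated HTTP server serves.
run_certbot() {
  "$DOCKER" run --rm \
    -v "$LE_DIR:/etc/letsencrypt" \
    -v "$CHALLENGE_DIR:/opt/challenge" \
    certbot/certbot renew
}

# One renewal attempt. Returns 0 on success, 1 for unusable folders,
# 2 when another run holds the lock, otherwise the container's exit code.
renew() {
  check_dirs || return 1
  # mkdir is atomic, so it doubles as a lock against overlapping cron runs.
  mkdir "$LOCK_DIR" 2>/dev/null || { echo "renewal already running" >&2; return 2; }
  renew_rc=0
  run_certbot || renew_rc=$?
  rmdir "$LOCK_DIR"
  echo "$(date -u +%Y-%m-%dT%H:%M:%SZ) certbot renew exited with $renew_rc"
  return "$renew_rc"
}

# Only act when called with --run, e.g. from the crontab entry.
if [ "${1:-}" = "--run" ]; then renew; fi
```

The crontab entry would call this script with the --run argument, and the line it prints can be redirected to a log file to keep a record of each attempt.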