
iml-certman

    Hahn Axel (hahn) authored

    iml-certman

    Wrapper for acme.sh to create Let's Encrypt certificates based on CSR files using DNS authentication

    source: https://git-repo.iml.unibe.ch/open-source/iml-certman

    Installation

    • Install acme.sh client: https://github.com/acmesh-official/acme.sh
    • Clone or extract files of iml-certman
    • Copy the *dist files to files without the ".dist" extension and edit the copies:
      • inc_config.sh
        • set credentials for the DNS API
        • set path to acme.sh script
        • optional: set custom target for generated certificates
        • optional: for testing, enable the Let's Encrypt staging server to avoid running into the weekly limits during tests
      • templates/csr.txt
        • set location, company and department

    Usage

    
    ./cm.sh 
    _______________________________________________________________________________
    
    
                    - - - ---===>>> CERT MANAGER <<<===--- - - -
    
    _______________________________________________________________________________
    
    
    HELP
    
    The basic syntax is
    cm.sh ACTION [FQDN]
    
    The ACTIONs for single certificate handlings are:
    
            add FQDN [.. FQDN-N] 
                    create new certificate
                    The first FQDN is a hostname to generate the certificate for. 
                    Following multiple hostnames will be used as DNS aliases in the 
                    same certificate.
    
            add-or-renew FQDN [.. FQDN-N] 
                    This param is for automation tools like Ansible or Puppet.
                    It checks if the certificate for first (*) FQDN exists.
                    If not: add a new cert (see "add").
                    If so: call renew action (see "renew")
    
                    (*) it doesn't verify the DNS aliases
    
            delete FQDN
                    delete a given certificate
    
            renew FQDN
                    renew (an already added) certificate
    
            show FQDN
                    show place of csr + certificate data and show certificate
    
    ACTIONs for all certs
    
            list
                    list all certificates including creation and renew date
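
The help text notes that add-or-renew checks only the first FQDN and does not verify the DNS aliases. The following added example (not part of iml-certman) lists the requested hostnames that an existing certificate does not cover. The function names and the certificate path passed to check_cert are assumptions, and the sample openssl text is constructed.

```shell
#!/bin/sh
# Added example, not part of iml-certman. Function names are hypothetical.

# Read `openssl x509 -noout -text` output on stdin and print the DNS
# subjectAltName entries, one lower-cased name per line.
san_names() {
    tr ',' '\n' |
        sed -n 's/^[[:space:]]*DNS:\([^[:space:]]*\).*$/\1/p' |
        tr '[:upper:]' '[:lower:]'
}

# missing_names SAN_LIST FQDN [FQDN...]
# Print each requested FQDN that no SAN covers. A wildcard SAN such as
# "*.example.com" covers exactly one additional left-most label.
missing_names() {
    sans=$1; shift
    for fqdn in "$@"; do
        want=$(printf '%s' "$fqdn" | tr '[:upper:]' '[:lower:]')
        wild="*.${want#*.}"
        printf '%s\n' "$sans" | grep -Fxq -e "$want" -e "$wild" ||
            printf '%s\n' "$fqdn"
    done
}

# check_cert CERTFILE FQDN [FQDN...]
# CERTFILE is an assumption: use the location that "cm.sh show FQDN" reports.
# Returns 0 if all names are covered, 1 if some are missing, 2 on read error.
check_cert() {
    cert=$1; shift
    text=$(openssl x509 -in "$cert" -noout -text) || return 2
    missing=$(missing_names "$(printf '%s\n' "$text" | san_names)" "$@")
    [ -z "$missing" ] && return 0
    printf 'not covered by %s:\n%s\n' "$cert" "$missing" >&2
    return 1
}

# Constructed sample of the relevant part of the openssl text output.
SAMPLE_TEXT='        Subject: CN = www.example.com
            X509v3 Subject Alternative Name:
                DNS:www.example.com, DNS:Alias.example.com, DNS:*.apps.example.com'

# The alias new.example.com is requested but absent from the certificate.
missing_names "$(printf '%s\n' "$SAMPLE_TEXT" | san_names)" \
    www.example.com new.example.com    # prints: new.example.com
```

In an automation run, call check_cert with the full host list before `cm.sh add-or-renew`; a return code of 1 means the existing certificate lacks an alias that add-or-renew would not notice.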