Skip to content
/ certnow Public
forked from alexandernicholson/certnow

Certbot πŸ’œ AWS (Secrets Manager + Route 53)

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TableCheck-Labs/certnow

BranchesTags
Β 
Β 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

5 Commits
.gitignore
.gitignore
Β 
Β 
README.md
README.md
Β 
Β 
certnow.sh
certnow.sh
Β 
Β 

Repository files navigation

certnow

Certbot πŸ’œ AWS (Secrets Manager + Route 53)

This is a simple bash script which uses Certbot to generate a wildcard certificate for a domain and upload it to AWS Secrets Manager. It uses DNS validation via Route 53 for the domain.

By default, if you do not use a wildcard domain, BuyPass will be used as the CA. Otherwise, Let's Encrypt will be used. The certificate will be valid for 90 days if using Let's Encrypt, or 180 days if using BuyPass.

We recommend running this script via Airflow, a cron job, or other serverless infrastructure options to keep your certificate up to date.

Requirements

  • Certbot
  • AWS CLI
  • An AWS account with Route 53 and Secrets Manager access.
  • The domain you wish to issue a certificate to must have an active (public) zone in Route 53.

Usage

$ ./certnow.sh
Usage: certnow.sh <domain> <email> <aws_profile> <aws_region> <aws_secret_name> <extra_certbot_args>

Example

$ ./certnow.sh example.com [email protected] default us-east-1 example-com-cert

# To use RSA keys instead of ECDSA keys, use extra_certbot_args like so:
$ ./certnow.sh example.com [email protected] default us-east-1 example-com-cert "--key-type rsa --rsa-key-size 4096"

About

Certbot πŸ’œ AWS (Secrets Manager + Route 53)

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 100.0%