Gitiles
Code Review Sign In
review.gerrithub.io / Adligithub2 / certbot-route53 / 08932836f36d58ce175a926d0706171db21a036d
commit08932836f36d58ce175a926d0706171db21a036d[log] [tgz]
authorPaulo Koch <pkoch@lifeonmars.pt>Fri Mar 17 10:06:42 2017 +0000
committerPaulo Koch <paulo.koch@gmail.com>Wed Apr 05 11:02:01 2017 +0100
treec86c28d7ddae7ad8ac5d8efbf6754446a2f59239
parent1b65e17999b119369ff63fd9917d6e2fe2776b18 [diff]
Add my janky tester
1 file changed
tree: c86c28d7ddae7ad8ac5d8efbf6754446a2f59239
  1. certbot_route53/
  2. .gitignore
  3. LICENSE
  4. MANIFEST.in
  5. README.md
  6. sample-aws-policy.json
  7. setup.cfg
  8. setup.py
  9. tester.pkoch-macos_sierra.sh
README.md

Route53 plugin for Let's Encrypt client

Before you start

It's expected that the root hosted zone for the domain in question already exists in your account.

Setup

  1. Create a virtual environment

  2. Update its pip and setuptools (VENV/bin/pip install -U setuptools pip) to avoid problems with cryptography's dependency on setuptools>=11.3.

  3. Make sure you have libssl-dev and libffi (or your regional equivalents) installed. You might have to set compiler flags to pick things up (I have to use CPPFLAGS=-I/usr/local/opt/openssl/include LDFLAGS=-L/usr/local/opt/openssl/lib on my macOS to pick up brew's openssl, for example).

  4. Install this package.

How to use it

Make sure you have access to AWS's Route53 service, either through IAM roles or via .aws/credentials. Check out (sample-aws-policy.json)[sample-aws-policy.json].

To generate a certificate:

certbot certonly \
  -n --agree-tos --email DEVOPS@COMPANY.COM \
  -a certbot-route53:auth \
  -d MY.DOMAIN.NAME