Gitiles
Code Review Sign In
review.gerrithub.io / Adligithub2 / certbot-route53 / 176e9fa164101a3b24b578f4b82c2503064c6b7f
commit176e9fa164101a3b24b578f4b82c2503064c6b7f[log] [tgz]
authorPaulo Köch <paulo.koch@gmail.com>Sun Mar 19 13:43:47 2017 +0000
committerGitHub <noreply@github.com>Sun Mar 19 13:43:47 2017 +0000
tree60b933fd6c14d16b3bbb8d7c1e53c374b6b482ad
parent1542bce2613b9e5c6664a63b65c4b3b0331ba629 [diff]
parent8850bd126ba811f2f498c9082e0da653e5031e24 [diff]
Merge pull request #3 from jsha/miscellaneous

Documentation and efficiency changes.
tree: 60b933fd6c14d16b3bbb8d7c1e53c374b6b482ad
  1. certbot_route53/
  2. .gitignore
  3. LICENSE
  4. LICENSE.txt
  5. MANIFEST.in
  6. README.md
  7. sample-aws-policy.json
  8. setup.cfg
  9. setup.py
README.md

Route53 plugin for Let's Encrypt client

Before you start

It's expected that the root hosted zone for the domain in question already exists in your account.

Setup

  1. Create a virtual environment

  2. Make sure you have libssl-dev (or your regional equivalent) installed. pycparser suffers from https://github.com/eliben/pycparser/issues/148, which is why we need to recompile it, which depends on libssl-dev.

  3. Install by adding these to your requirements.txt file:

--no-binary pycparser
-e git+https://github.com/certbot/certbot.git#egg=certbot
-e git+https://github.com/certbot/certbot.git#egg=acme&subdirectory=acme
certbot-route53

We need DNS01 support in certbot, which is only available in master for now.

How to use it

Make sure you have access to AWS's Route53 service, either through IAM roles or via .aws/credentials.

To generate a certificate:

certbot certonly \
  -n --agree-tos --email DEVOPS@COMPANY.COM \
  -a certbot-route53:auth \
  -d MY.DOMAIN.NAME