Gitiles
Code Review Sign In
review.gerrithub.io / Adligithub2 / certbot-route53 / d2a81b1f163ad8b6d554a5c38d1899b6a1912a09
commitd2a81b1f163ad8b6d554a5c38d1899b6a1912a09[log] [tgz]
authorPaulo Köch <paulo.koch@gmail.com>Wed Apr 05 11:02:37 2017 +0100
committerGitHub <noreply@github.com>Wed Apr 05 11:02:37 2017 +0100
tree9d396b0953fa64b4dafca852c8d8b1ab2ff7bde4
parent176e9fa164101a3b24b578f4b82c2503064c6b7f [diff]
parent08932836f36d58ce175a926d0706171db21a036d [diff]
Merge pull request #4 from lifeonmarspt/pkoch_cleanup

Cleanup installation
tree: 9d396b0953fa64b4dafca852c8d8b1ab2ff7bde4
  1. certbot_route53/
  2. .gitignore
  3. LICENSE
  4. MANIFEST.in
  5. README.md
  6. sample-aws-policy.json
  7. setup.cfg
  8. setup.py
  9. tester.pkoch-macos_sierra.sh
README.md

Route53 plugin for Let's Encrypt client

Before you start

It's expected that the root hosted zone for the domain in question already exists in your account.

Setup

  1. Create a virtual environment

  2. Update its pip and setuptools (VENV/bin/pip install -U setuptools pip) to avoid problems with cryptography's dependency on setuptools>=11.3.

  3. Make sure you have libssl-dev and libffi (or your regional equivalents) installed. You might have to set compiler flags to pick things up (I have to use CPPFLAGS=-I/usr/local/opt/openssl/include LDFLAGS=-L/usr/local/opt/openssl/lib on my macOS to pick up brew's openssl, for example).

  4. Install this package.

How to use it

Make sure you have access to AWS's Route53 service, either through IAM roles or via .aws/credentials. Check out (sample-aws-policy.json)[sample-aws-policy.json].

To generate a certificate:

certbot certonly \
  -n --agree-tos --email DEVOPS@COMPANY.COM \
  -a certbot-route53:auth \
  -d MY.DOMAIN.NAME