I would like to understand how to use certbot’s post-hook to automatically update certificates?
Having looked at the Certbot renew with post-hook documentation, it looks like I have to create a script and put it into /etc/letsencrypt/renewal-hooks/post
folder - is that right?:
“You can also specify hooks by placing files in subdirectories of Certbot’s configuration directory. Assuming your configuration directory is
/etc/letsencrypt
, any executable files found in/etc/letsencrypt/renewal-hooks/pre
,/etc/letsencrypt/renewal-hooks/deploy
, and/etc/letsencrypt/renewal-hooks/post
will be run as pre, deploy, and post hooks respectively when any certificate is renewed with the renew subcommand.”
I’m running OpenFire on a Raspberry Pi 3B/Rasbian Buster.
Would the following steps do the trick?:
sudo su
cd /etc/letsencrypt/renewal-hooks/post
nano copykeys.sh
Copy and paste:
#!/bin/bash
cp /etc/letsencrypt/live/MY-DOMAIN/privkey.pem /resources/security/hotdeploy/my-domain-privkey.pem
cp /etc/letsencrypt/live/MY-DOMAIN/privkey.pem /resources/security/hotdeploy/my-domain-privkey.pem
(obviously I change MY-DOMAIN for my domain)
Save and exit:
Ctrl
and then X
, then Y
, then Enter
Then make script executable:
chmod +x copykeys.sh
Thanks for any advice