1 | #!/bin/bash |
---|
2 | |
---|
3 | # Small script to run about once a month to update the letsencrypt |
---|
4 | # ssl cert. This can save hundreds of dollars annually! |
---|
5 | # |
---|
6 | # Run from cron at 12:15 on the 5th of the month like this : |
---|
7 | # 15 12 05 * * /root/updateSSLcerCron.sh |& mail -s "SSL certificate update on `hostname -f`" noien@nso.edu |
---|
8 | # |
---|
9 | # Niles Oien for Alisdair Davey, April 2018 |
---|
10 | |
---|
11 | # Make sure the script we run is there. |
---|
12 | pn=`basename $0` |
---|
13 | if [ ! -f ./certbot-auto ] |
---|
14 | then |
---|
15 | echo $pn : Cert update script ./certbot-auto not found - exiting |
---|
16 | exit -1 |
---|
17 | fi |
---|
18 | |
---|
19 | # See the date initially. |
---|
20 | echo Initially, the date on the cert file is as follows : |
---|
21 | /bin/ls -l /etc/letsencrypt/live/`hostname -f`/fullchain.pem |
---|
22 | |
---|
23 | # Run it. Redirect output to a file due to weird escape char that messes up mail. |
---|
24 | echo |
---|
25 | echo $pn : Running certbot-auto |
---|
26 | ./certbot-auto --noninteractive renew &> certbot-auto.log |
---|
27 | echo $pn : Done running certbot-auto, results in certbot-auto.log |
---|
28 | |
---|
29 | # Having run it, print where to check it and the date on the cert. |
---|
30 | echo |
---|
31 | echo Now, date on the cert file is as follows : |
---|
32 | /bin/ls -l /etc/letsencrypt/live/`hostname -f`/fullchain.pem |
---|
33 | echo |
---|
34 | echo Check your configuration \(remember to clear the cache\) at : |
---|
35 | echo https://www.ssllabs.com/ssltest/analyze.html\?d=`hostname -f` |
---|
36 | echo |
---|
37 | |
---|
38 | exit 0 |
---|
39 | |
---|