Skip to content
/ certbun Public
forked from porkbundomains/certbun

Porkbun certbot alternative, now as a container

License

MIT license
0 stars 8 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lukemcdo/certbun

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
certbun.py
certbun.py
 
 
config.json.example
config.json.example
 
 

Repository files navigation

certbun

Porkbun's minimalist Certbot alternative leaves the certificate generation to Porkbun and simply downloads certs to the location of your choosing, then reloads your web server with the command of your choosing.

Why?

Automated SSL cert generation software such as Certbot can be tricky to set up, especially if you want a wildcard certificate, which requires DNS access, or you use an unusual web server. Porkbun already has a massive certificate generation infrastructure, and a certificate API. You can let Porkbun handle the hassle of generating the certificate, and use certbun to pull it via the API and install it locally.

Before you install

We recommend manually downloading the certificate bundle and getting it working with your web server first, before trying to automate the process via certbun. Once your web server is reliably serving HTTPS traffic with no issue, you can automate the renewal process with certbun.

Installation

  1. Install Python if it's not already installed. This client is Python 2-compatible so it should run out of the box on MacOS and many Linux distributions. If you're running Windows, you should download the most recent production Python version.
  2. Download and uncompress certbun to the folder of your choice
  3. Install the requests library: pip install requests
  4. Rename config.json.example to config.json and paste in your generated API and Secret keys. Save the config file. If you haven't yet generated the keys, check out our Getting Started Guide.
  5. Configure the config file's domain field with the domain you wish to pull certs from.
  6. Configure the config file's domainCertLocation, privateKeyLocation, intermediateCertLocation, and publicKeyLocation fields with where you want the retrieved certificates to be saved. If your web server doesn't need the intermediate cert and public key, you can specify /dev/null as the filename.
  7. Configure the config file's commandToReloadWebserver field with the command you typically execute to get your web server to load the new certificate bundle. This command will run immediately after the files have been copied into place. I usually use /sbin/service nginx reload on Amazon Linux VPS instances I administer, but the command will vary depending on your web server and operating system.

Running the client

python certbun.py /path/to/config.json

Add it to cron

Since this client works in a fairly non-sophisticated way, you probably just want to download certs every week or so and restart your web server.

Edit your crontab with:

crontab -e

If you've never done this before, you may want to read a guide on how to do it.

Assuming you wanted certbun to run once per week, you'd add a line like:

23 1 * * 1 python /path/to/certbun.py /path/to/config.json | logger

About

Porkbun certbot alternative, now as a container

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%