Differences

This shows you the differences between two versions of the page.

--- infra:certificates [2016/04/16 11:13]
127.0.0.1 external edit
+++ infra:certificates [2017/02/09 19:25]
sebian
@@ Line 1: / Line 1: @@
 ====== Installation ======
-Let's encrypt certificates are managed on ''bargkass.ldn-fai.net'', installation and management was done using this howto: https://blog.sebian.fr/letsencrypt/
+Let's encrypt certificates are managed on ''leela.ldn-fai.net'', installation and management was done using this howto: https://blog.sebian.fr/letsencrypt/
 ====== Monitoring ======
-https://conrad.ldn-fai.net/
+See [[https://conrad.ldn-fai.net/|LDN monitoring server]]
 Certificates are under supervision (for expiration), warning if the expiration date is less than 30 days, and critical for 10 days.
 ====== Renewal ======
-On ''bargkass.ldn-fai.net'' we have a little script in the ~root (''/root/letsencrypt-brique.sh'') for certificates renewal (using acme_tiny).
-<code bash>
+Managed by [[https://github.com/Spredzy/lecm|lecm]] on ''leela.ldn-fai.net''
-#!/bin/bash
-certs='hypercube.labriqueinter.net labriqueinter.net listes.labriqueinter.net repo.labriqueinter.net wiki.labriqueinter.net'
-pushd /etc/letsencrypt
-  for i in $certs
-  do
-    echo "##### $i #####"
-    acme_tiny.py --account-key ./private/labriqueinternet.key --csr ./csr/${i}.csr --acme-dir /etc/letsencrypt/challenges/${i}/ > ./certs/${i}.crt
-    cat ./certs/${i}.crt ./pem/intermediate.pem > ./pem/${i}.pem
-  done
-popd
-systemctl restart nginx
-</code>
-Example output:
-<code>
-##### hypercube.labriqueinter.net #####
-Parsing account key...
-Parsing CSR...
-Registering account...
-Already registered!
-Verifying hypercube.labriqueinter.net...
-hypercube.labriqueinter.net verified!
-Verifying hypercube.internetcu.be...
-hypercube.internetcu.be verified!
-Signing certificate...
-Certificate signed!
-</code>