danb35
Hall of Famer
- Joined
- Aug 16, 2011
- Messages
- 15,504
I'm excited about the LetsEncrypt service--free, trusted SSL certificates, with support for multiple domains/hostnames and automated renewal is, IMO, a big deal. I have one of their certificates on my main web server, another on my FreeNAS box, and a third on another internal Linux server. I also have a script running via a cron job on my web server to renew the certificates every other month, and renew them all on the web server, since it's the only machine directly exposed to the 'net.
Installing/activating the cert on the web server is simplicity itself--since the certs are symlinked to /etc/letsencrypt/live/domain/cert.pem (and related files), nothing changes in the config at all--just need to reload apache to load the new cert.
Installing/activating the new cert on the other Linux server is pretty simple too--simply scp the appropriate files to the appropriate locations on that server, then 'ssh root@host service httpd reload'. No problem to script that.
Where I'm lost is in getting the cert files to my FreeNAS box. Sure, I can just view the files and copy/paste them into the web GUI, but where's the fun in that? I could easily scp them to the FreeNAS box, but that doesn't get them into the config database. Is there a straightforward way to upload/install those files via a script?
Installing/activating the cert on the web server is simplicity itself--since the certs are symlinked to /etc/letsencrypt/live/domain/cert.pem (and related files), nothing changes in the config at all--just need to reload apache to load the new cert.
Installing/activating the new cert on the other Linux server is pretty simple too--simply scp the appropriate files to the appropriate locations on that server, then 'ssh root@host service httpd reload'. No problem to script that.
Where I'm lost is in getting the cert files to my FreeNAS box. Sure, I can just view the files and copy/paste them into the web GUI, but where's the fun in that? I could easily scp them to the FreeNAS box, but that doesn't get them into the config database. Is there a straightforward way to upload/install those files via a script?