Now let’s try to automate the certificate generation. For this I am going to refer to a post published on a site called pbxhacks.com. Please do exercise caution when you try the scripts below as they will change all the TXT records in your domain.
The --manual-auth-hook and --manual-cleanup-hook options in certbot can be used to add the TXT record and delete it once the DNS Challenge is completed.
auth.sh
This script will add the TXT record and wait until that record is available to be verified.
cleanup.sh
Changes the TXT record name since GoDaddy does not have a delete API.
run.sh
Runs Certbot.
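An added example of an auth hook of the kind described above; it is not the script from the referenced post or its source repository. It writes to GoDaddy's name-scoped record endpoint so that only the _acme-challenge TXT record is replaced rather than every TXT record in the zone; GODADDY_KEY, GODADDY_SECRET and ZONE are assumed environment variable names.

```shell
#!/bin/sh
# Added example: certbot --manual-auth-hook for GoDaddy DNS.
# Assumed names (not from the post): GODADDY_KEY, GODADDY_SECRET, ZONE.
# certbot itself sets CERTBOT_DOMAIN and CERTBOT_VALIDATION for the hook.
API="https://api.godaddy.com/v1/domains"

# Record name relative to the zone: example.com -> _acme-challenge,
# www.example.com -> _acme-challenge.www. Fails for names outside the zone.
record_name() {
    domain=${1#\*.}                      # drop a leading "*." if present
    case "$domain" in
        "$2")   printf '%s\n' "_acme-challenge" ;;
        *".$2") sub=${domain%".$2"}; printf '%s\n' "_acme-challenge.$sub" ;;
        *)      return 1 ;;
    esac
}

# DNS-01 values are base64url text; refuse anything else before it is
# embedded in the JSON body. The TTL of 600 is an assumed value.
txt_payload() {
    case "$1" in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
    printf '[{"data":"%s","ttl":600}]' "$1"
}

# Poll until the TXT value is visible to the local resolver (name, value, tries).
wait_for_txt() {
    i=0
    while [ "$i" -lt "$3" ]; do
        dig +short TXT "$1" | grep -qF "\"$2\"" && return 0
        i=$((i + 1)); sleep 10
    done
    return 1
}

# Runs only when certbot invokes the hook (CERTBOT_VALIDATION is set).
if [ -n "${CERTBOT_VALIDATION:-}" ]; then
    name=$(record_name "$CERTBOT_DOMAIN" "$ZONE") || { echo "domain not in zone" >&2; exit 1; }
    body=$(txt_payload "$CERTBOT_VALIDATION") || { echo "unexpected token" >&2; exit 1; }
    # PUT on .../records/TXT/<name> replaces only that name's TXT records.
    # The API key goes to curl on stdin (-H @-) so it is not in the process list.
    printf 'Authorization: sso-key %s:%s\n' "$GODADDY_KEY" "$GODADDY_SECRET" |
        curl -fsS -X PUT "$API/$ZONE/records/TXT/$name" -H @- \
             -H "Content-Type: application/json" -d "$body" || exit 1
    wait_for_txt "_acme-challenge.${CERTBOT_DOMAIN#\*.}" "$CERTBOT_VALIDATION" 30 || exit 1
fi
```

Requesting example.com and *.example.com in one certificate needs two TXT values on the same record name, which this replace-style call does not handle.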
Obtaining the Certificates
Execute run.sh with the domain to generate the certs. For testing the scripts, pass the --staging flag to the certbot command to avoid getting blacklisted.
To bypass the Y/N prompt use the below command.
The Source Code is here.
ZeroSSL
ZeroSSL is an online tool that can generate the certs for you. With ZeroSSL you do not have to install anything on your machine, but bear in mind that your private keys will be exposed to a third party when you use it.
Here is a link to a ZeroSSL Video Tutorial.