Page MenuHomeDevCentral

Generate Let's encrypt certificates
ClosedPublic

Authored by dereckson on Apr 27 2017, 15:13.
Tags
None
Referenced Files
F3763710: D966.id2491.diff
Fri, Nov 22, 02:00
F3763692: D966.id2472.diff
Fri, Nov 22, 01:49
F3763690: D966.id2468.diff
Fri, Nov 22, 01:48
F3763668: D966.id2469.diff
Fri, Nov 22, 01:32
F3763259: D966.diff
Thu, Nov 21, 21:56
Unknown Object (File)
Tue, Nov 19, 07:45
Unknown Object (File)
Sun, Nov 17, 09:27
Unknown Object (File)
Fri, Nov 8, 02:21
Subscribers

Details

Summary

Automate the certbot certonly code

Test Plan

Test on Eglide

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

Software part checked and working fine.

Tweak configuration, remove RSA 4096 bits (timeouts on Eglide)

This revision was automatically updated to reflect the committed changes.

Closed by a commit to a non master branch (I committed a production branch to reflect current state used in production pending code review, and pushed before to configure the repository in Phabricator to only autoclose for master branch).

$ salt eglide state.apply roles/core/letsencrypt/certificates

----------
          ID: certificate_www.eglide.org
    Function: cmd.run
        Name: certbot certonly -d www.eglide.org
      Result: True
     Comment: unless execution succeeded
     Started: 16:09:37.579363
    Duration: 42.949 ms
     Changes:   
----------
          ID: certificate_robot.paysannerebelle.com
    Function: cmd.run
        Name: certbot certonly -d robot.paysannerebelle.com
      Result: True
     Comment: Command "certbot certonly -d robot.paysannerebelle.com" run
     Started: 16:09:37.623629
    Duration: 16988.117 ms
     Changes:   
              ----------
              pid:
                  8736
              retcode:
                  0
              stderr:
                  Saving debug log to /var/log/letsencrypt/letsencrypt.log
                  Obtaining a new certificate
                  Performing the following challenges:
                  http-01 challenge for robot.paysannerebelle.com
                  Using the webroot path /var/letsencrypt-auto for all unmatched domains.
                  Waiting for verification...
                  Cleaning up challenges
                  Generating key (2048 bits): /etc/letsencrypt/keys/0001_key-certbot.pem
                  Creating CSR: /etc/letsencrypt/csr/0001_csr-certbot.pem
              stdout:
                  IMPORTANT NOTES:
                   - Congratulations! Your certificate and chain have been saved at
                     /etc/letsencrypt/live/robot.paysannerebelle.com/fullchain.pem. Your
                     cert will expire on 2017-07-26. To obtain a new or tweaked version
                     of this certificate in the future, simply run certbot again. To
                     non-interactively renew *all* of your certificates, run "certbot
                     renew"
                   - If you like Certbot, please consider supporting our work by:

                     Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
                     Donating to EFF:                    https://eff.
This revision is now accepted and ready to land.Apr 28 2017, 04:52
This revision was automatically updated to reflect the committed changes.