certbot

mirror of https://github.com/certbot/certbot.git synced 2026-05-28 04:34:11 -04:00

History

ohemorange 57e56cc97b Candidate 0.16.0 (#4908 ) * Release 0.16.0 * Bump version to 0.17.0		2017-07-06 15:57:11 -07:00
..
certbot_dns_route53	route53: add module-level documentation	2017-06-09 13:47:39 -07:00
docs	route53: autogenerate documentation (#4816 )	2017-06-09 16:01:59 -07:00
examples	route53: rename to match other DNS plugins (#4747 )	2017-06-06 15:41:04 -07:00
tools	route53: rename to match other DNS plugins (#4747 )	2017-06-06 15:41:04 -07:00
.gitignore	route53: rename to match other DNS plugins (#4747 )	2017-06-06 15:41:04 -07:00
LICENSE	route53: rename to match other DNS plugins (#4747 )	2017-06-06 15:41:04 -07:00
MANIFEST.in	route53: autogenerate documentation (#4816 )	2017-06-09 16:01:59 -07:00
README.md	route53: rename to match other DNS plugins (#4747 )	2017-06-06 15:41:04 -07:00
setup.cfg	route53: rename to match other DNS plugins (#4747 )	2017-06-06 15:41:04 -07:00
setup.py	Candidate 0.16.0 (#4908 )	2017-07-06 15:57:11 -07:00

README.md

Route53 plugin for Let's Encrypt client

Before you start

It's expected that the root hosted zone for the domain in question already exists in your account.

Setup

Create a virtual environment
Update its pip and setuptools (VENV/bin/pip install -U setuptools pip) to avoid problems with cryptography's dependency on setuptools>=11.3.
Make sure you have libssl-dev and libffi (or your regional equivalents) installed. You might have to set compiler flags to pick things up (I have to use CPPFLAGS=-I/usr/local/opt/openssl/include LDFLAGS=-L/usr/local/opt/openssl/lib on my macOS to pick up brew's openssl, for example).
Install this package.

How to use it

Make sure you have access to AWS's Route53 service, either through IAM roles or via .aws/credentials. Check out sample-aws-policy.json for the necessary permissions.

To generate a certificate:

certbot certonly \
  -n --agree-tos --email DEVOPS@COMPANY.COM \
  --dns-route53 \
  -d MY.DOMAIN.NAME