A Docker image providing certbot (0.24) plus all official DNS plugins. This is ideal if you want to create Let's Encrypt wildcard certificates.
$ docker pull 9jkh/certbot-dns
- Create IAM user with the following policy: sample-aws-policy.json
- See possible boto3 environment variables
- See possible dns plugins
$ mkdir -p "$(pwd)/letsencrypt"
$ docker pull 9jkh/certbot-dns
- staging acme v2 url: https://acme-staging-v02.api.letsencrypt.org/directory
- prod acme v2 url: https://acme-v02.api.letsencrypt.org/directory
$ docker run \
    -e "AWS_ACCESS_KEY_ID=abc123" \
    -e "AWS_SECRET_ACCESS_KEY=123abc" \
    --name "certbot-dns" \
    --volume "$(pwd)/letsencrypt:/etc/letsencrypt" \
    9jkh/certbot-dns \
    certonly \
    --server "https://acme-staging-v02.api.letsencrypt.org/directory" \
    --dns-route53 \
    --agree-tos \
    -m "dnsadmin@yourdomain.com" \
    --non-interactive \
    -d "*.yourdomain.com"
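The `-e` arguments above put the AWS keys on the command line, where they end up in shell history and the process list. An added example (not part of this image's README) that reads them from an owner-only env file with `--env-file` and defaults to the staging URL. The function names, the env-file argument and the use of `--rm` in place of `--name` are assumptions of the example:

```shell
#!/bin/sh
# Added example, not from the image's README. Function names, the env-file
# argument and --rm (instead of --name) are assumptions.

STAGING_URL="https://acme-staging-v02.api.letsencrypt.org/directory"
PROD_URL="https://acme-v02.api.letsencrypt.org/directory"

# Return 0 only if the file exists, grants nothing to group/other,
# and defines both AWS keys with a non-empty value.
check_env_file() {
    f=$1
    [ -f "$f" ] || { echo "missing env file: $f" >&2; return 1; }
    # Characters 5-10 of the ls -l mode string are the group and other bits.
    perms=$(ls -ld "$f" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "$f is open to group/other; chmod 600 it" >&2; return 1; }
    for key in AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY; do
        grep -q "^${key}=." "$f" || { echo "$key not set in $f" >&2; return 1; }
    done
}

# Map "staging" or "prod" to the ACME v2 directory URL; reject anything else.
acme_url() {
    case $1 in
        staging) echo "$STAGING_URL" ;;
        prod)    echo "$PROD_URL" ;;
        *)       echo "unknown environment: $1" >&2; return 1 ;;
    esac
}

# issue_wildcard ENV_FILE DOMAIN EMAIL [staging|prod]   (defaults to staging)
issue_wildcard() {
    env_file=$1 domain=$2 email=$3 target=${4:-staging}
    check_env_file "$env_file" || return 1
    url=$(acme_url "$target") || return 1
    mkdir -p "$(pwd)/letsencrypt"
    docker run --rm \
        --env-file "$env_file" \
        --volume "$(pwd)/letsencrypt:/etc/letsencrypt" \
        9jkh/certbot-dns \
        certonly \
        --server "$url" \
        --dns-route53 \
        --agree-tos \
        -m "$email" \
        --non-interactive \
        -d "*.$domain"
}
```

Call it as `issue_wildcard ./aws.env yourdomain.com dnsadmin@yourdomain.com`, and pass `prod` as the fourth argument once the staging run succeeds.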
Optionally you could programmatically store the cert on S3 for other apps to easily retrieve. The archive includes privkey.pem, so the bucket must not be publicly readable:
$ (cd "$(pwd)/letsencrypt/live/yourdomain.com" && zip -q -r - .) > yourdomain.com.zip
$ aws s3 cp yourdomain.com.zip s3://certs/yourdomain.zip