Docker Hub source for brycefisherfleig/certbot-s3front, a certbot plugin for S3/Cloudfront static sites
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


Docker Hub source for brycefisherfleig/certbot-s3front, a certbot plugin for provisioning no cost SSL certs on S3/Cloudfront static sites.

This is image is a thin wrapper around the certbot-s3front plugin for certbot, the recommended LetsEncrypt client. This plugin automates the process of provisioning and renewing certificates for S3 hosted static sites which use CloudFront as a CDN.

Why not virtualenv?

Many python developers using virtualenv and friends to manage differing python development environments, and this is a very successful approach. For developers with less familiarity with python or seeking an even simpler way to try out, deploy, or automate use of a python application like certbot-s3front, docker offers a bash one-liner that's guarranteed to work with minimal fuss.


  • Setup an AWS account
  • Create an S3 bucket
  • Add an IAM user with the sample IAM policy


Basic usage

docker run \
  --rm \
  -e EMAIL='' \
  -e S3_BUCKET=example-bucket-name \
  -e AWS_SECRET_ACCESS_KEY=abcdef0123456789EXAMPLE \
  -e \

Optional environment variables:

  • DEBUG - if set to anything, this will cause bash to print all values (including secrets!). Use with caution. (Disabled by default.)
  • REGION - defaults to us-west-1. Set to the same region as your AWS bucket
  • DIRECTORY - the "directory" of your certificate in Cloudfront. Defaults to empty string.