Skip to content
Generate SSL certificates using Letsencrypt and Certbot on RaspberryPi for domains managed under Digitalocean
Makefile Shell
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


Manage SSL certificates using Letsencrypt for Domains managed on Digitalocean


  • RaspberryPi
  • Docker.
  • Domain managed on Digitalocean.
  • Digitalocean API access key.


Download latest version

$ wget -O rpi-certbot-manager-1.1.0.tar.gz && \
tar -xzvf rpi-certbot-manager-1.1.0.tar.gz && \
rm rpi-certbot-manager-1.1.0.tar.gz && \
cd rpi-certbot-manager-1.1.0
Digitalocean credentials

Use the template and create the credentials file.

$ cp config/digitalocean.ini.example config/digitalocean.ini

Get the API access key from digitalocean and update the dns_digitalocean_token variable in th credentials file.

Make config

The project uses Makefile to ease the process of certificate generation and renewal. It uses variables set in the file config/.makeenv. Use the template and create the file:

$ cp config/.makeenv.example config/.makeenv

Edit this config/.makeenv to match your requirements.

Certificate generation
$ make generate-certificates
Cronjob to renew certificates

LetEncrypt issues certificates that are valid only for 90 days. The certificates need to be renewed very often. This project also includes the scripts to renew the certificates using a cron job. To install the cronjob. Simple run:

$ make install-renewal-cron
Renew manual

If you choose not to renew automatically, you can also run the following:

$ make renew
After success hooks

The project supports running bash scripts after generating and renewing the certificates. These bash script can be placed (or symlinked) in the after-success-hooks directory.

Running in staging mode

$ make STAGING=1 renew
You can’t perform that action at this time.