You are not logged in.
I am happy to share another of my tools - ssl-mgr.
This has been in production for some time now and has been working well for me.
Of courser do please let me know of any issues or questions.
Overview:
---------------
Certificate management tool.
I wrote this with 3 specific goals. To:
* simplify certificate management - (i.e. automatic, simple and robust)
* support *dns-01* acme challenge with Letsencrypt (and *http-01*)
* support *DANE TLS*
The aim is to make it as robust, complete and simple to use as possible. Under the hood, make it
sensible and as automated as is feasible. A good tool does things correctly and
makes it as easy and simple as it can be; but no simpler.
In practical terms, there are really only 2 commands that are needed with *sslm-mgr*:
* renew* - creates the new certificate(s) in *next*
* roll - moves *next* to become the new *curr*.
First configure the domain(s) (and subdomains) needing certs and whether you want DANE TLS file(s) to be generated.
Also configure where to push new certs and which servers need to be restarted (e.g. web, mail, dns, etc).
Run in test mode to confirm all is fine.
Then run a cron job to do:
renew - wait - roll.
Available in AUR
And github: github
Hope others find this useful.
gene
Offline