Alternative to certbot for acquiring ssl certificates to use with nginx.

Hello, I wan’t to ask if anyone knows of a good alternative for certbot for acquiring ssl certificates for nginx.

Certbot isn’t good anymore for me since I started using crowdsec with nginx bouncer that uses lua block’s inside nginx config that cerbot can’t parse, making it not work anymore.

I use nginx because it’s the one I know the best and for my use case work’s the best. ( Hosting both program’s directly on metal and docker container’s )

crony,
@crony@lemmy.cronyakatsuki.xyz avatar

Update: I have moved to caddy, planned a switch either way and this just pushed me to do it.

possiblylinux127, (edited )

You don’t need it to parse your config. Just set it to manual mode with a cron job. You can manually copy the certs with a short script.

crony,
@crony@lemmy.cronyakatsuki.xyz avatar

Hi already tried that, worked for one domain and then stopped working for every other domain.

possiblylinux127,

Oh, I just assuming it would be one or 2 domains, my bad.

crony,
@crony@lemmy.cronyakatsuki.xyz avatar

Yea, evem rn on the server I have about 13? or so domains, and still haven’t migrated all my services over.

drkt,
@drkt@lemmy.dbzer0.com avatar

take a look at github.com/acmesh-official/acme.sh

eskuero,
@eskuero@lemmy.fromshado.ws avatar

You could not use the dns challenge?

crony,
@crony@lemmy.cronyakatsuki.xyz avatar

Requires me to add cname record’s, which beats the purpose of automation honestly. Will most likelly move to caddy.

brygphilomena,

I thought acme or certbot could handle the DNS entries with an API call to your DNS provider.

It may require another plugin though. Googling some variation of certbot acme automate DNS challenge will give you a dozen tutorials.

crony,
@crony@lemmy.cronyakatsuki.xyz avatar

Certbot has no support for vultr dns, not even with plugins. Already check.

brygphilomena,

Is there a particular reason you are keeping your DNS there?

crony,
@crony@lemmy.cronyakatsuki.xyz avatar

Nice ui, and I already have a vps there. My main dns provider is namecheap but made it use vultr under the hood because of the nice ui.

brygphilomena,

Fair enough, just throwing that out there as an option to move DNS somewhere that does have API access for certbot to use.

constantokra,

Switching to porkbun would make things a lot easier for you. DNS challenge is why I switched from Namecheap, and it’s less expensive and considerably easier to administrate.

QHC,

Namecheap API works just fine with Certbot DNS challenges for me, FWIW.

joao,

Being a bit pedantic, and could be wrong, but wouldn’t that make Namecheap your registrar only, which registers whatever nameservers you give it for the domain you own with the relevant gTLD entity?

crony,
@crony@lemmy.cronyakatsuki.xyz avatar

Yes

MangoPenguin,
@MangoPenguin@lemmy.blahaj.zone avatar

acme.sh seems to say it supports Vultr: github.com/acmesh-official/acme.sh/wiki/dnsapi2#d…

solrize,

I used dehydrated for a while. It’s a quite simple python script iirc. It’s on github someplace.

If your domain registrar is porkbun and you use their DNS hosting, they can generate wildcard certificates for you. It is pretty convenient though a little bit scary, since they generate your key pair and retrieve the cert from letsencrypt. But, since they run your DNS, they could do almost the same thing without you even knowing.

ulu_mulu,

What CA are you getting your certificates from?

If Let’s Encrypt, have you checked their alternative methods to certbot?

crony,
@crony@lemmy.cronyakatsuki.xyz avatar

Yea I’m using let’s encrypt. Juet wanted to hear opinions from people who are probably more experienced than me.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • selfhosted@lemmy.world
  • localhost
  • All magazines
    •
    Loading…
    Loading the web debug toolbar…
    Attempt #