certificate

GCP Create SSL Certificate

by Ulysses · Jun 13, 2021

gcloud compute ssl-certificates create certificate-name \
--description="ssl cert for domain-name.com" \
--domains=domain-name.com \
--certificate=certificate-file \
--private-key=private-key \
--region=us-central1-c \
--global

You can register multiple domains to a single SSL certificate. This is particularly useful if you are hosting multiple domains on one server. This command adds more domains to your existing certificate.

certbot --expand -d existing.com -d newdomain1.com -d newdomain2.com

Check if the domains were added.

certbot certificates

Certbot certificates are valid for 90 days, but they automatically renew themselves if expiration is less than 30 days. If you need to renew manually for some odd reason, you can run this command. You can also perform a dry-run before renewing.

certbot renew
certbot renew --dry-run

AWS Update ACM Certs

by Ulysses · Oct 4, 2020

Here’s how to update AWS Certificate Manager SSL Cert.

#!/bin/bash
cd /etc/letsencrypt/live/domain.com/
 
arn='arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
 
aws acm import-certificate \
--certificate fileb://cert.pem \
--certificate-chain fileb://chain.pem \
--private-key fileb://privkey.pem \
--certificate-arn $arn \
--region us-east-1

You can run this every time certbot updates your certificate. Or you can schedule it in crontab.