Hetionet Browser server: update letsencrypt to certbot

In the course of switching from ACME TLS-SNI-01 domain validation to HTTP-01, I had to upgrade letsencrypt to certbot version 0.28. More information at: https://community.letsencrypt.org/t/how-to-stop-using-tls-sni-01-with-certbot/83210
hetio · Feb 21, 2019 · b7c144d · b7c144d
1 parent 5b0f264
commit b7c144d
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 3 deletions.
diff --git a/hetnet/neo4j/docker/host/ssl/install.sh b/hetnet/neo4j/docker/host/ssl/install.sh
@@ -1,7 +1,12 @@
 # On the Digital Ocean Droplet: Ubuntu Docker 17.05.0-ce on 16.04
-# Let's Encrypt comes installed. Configure by running:
+# Let's Encrypt comes installed.
+# The most recent version can also be installed via
+add-apt-repository ppa:certbot/certbot
+apt-get update
+apt-get install certbot
 
-letsencrypt certonly --standalone --domain neo4j.het.io
+# Configure by running:
+certbot certonly --standalone --domain neo4j.het.io
 
 # Consider adding --staging for testing until certificate registration succeeds.
 # Staging has higher rate limits, but does not produce recognized certificates.
diff --git a/hetnet/neo4j/docker/host/ssl/renew.sh b/hetnet/neo4j/docker/host/ssl/renew.sh
@@ -10,7 +10,7 @@ date --iso-8601=seconds --universal
 sh stop-docker.sh
 
 # renew certificates
-letsencrypt renew --non-interactive
+certbot renew --non-interactive
 cp /etc/letsencrypt/live/neo4j.het.io/fullchain.pem ~/ssl/neo4j.cert
 cp /etc/letsencrypt/live/neo4j.het.io/privkey.pem ~/ssl/neo4j.key