How to install Certbot (Let's Encrypt) without interaction?

You can run certbot 'silently' by adding the following options:

--non-interactive --agree-tos -m [email protected]

The full list of config options is available here:

https://certbot.eff.org/docs/using.html


There are several inline flags and "subcommands" (their nickname) provided by Certbot that can help to automate the process of generating free SSL certificates using Bash or shell scripts.

The most relevant flag as mentioned by @match is:

  • --noninteractive ...or alternatively... --non-interactive

However in reality this flag is not very helpful, because it doesn't do very much. If there are critical flags missing from your script, for example, the certificate will still fail to generate. Frankly, I think it would be better for Certbot to cancel the above flag, because it's rather misleading.

Here are the minimum flags required:

  1. --agree-tos
  2. --register-unsafely-without-email ...or... -m [email protected]
  3. -d example.com and/or -d www.example.com

You also must specify what type of Let's Encrypt installer plugin (environment) you want, for example you can choose from "standalone" or "manual" etc... for most cases, like a WordPress web server, you should choose "webroot" so that Certbot can easily verify ownership via the public root (make sure access to /.well-known* is not blocked):

--webroot -w /var/www/html/

Here is the complete command we use in SlickStack to install SSL certs:

## install Certbot SSL certificate ##
certbot certonly --noninteractive --agree-tos --cert-name slickstack -d ${SITE_TLD} -d www.${SITE_TLD} -d staging.${SITE_TLD} -d dev.${SITE_TLD} --register-unsafely-without-email --webroot -w /var/www/html/

In our case we hardcode the --cert-name to be slickstack because only one website is installed on each VPS server, so it makes other server admin tasks (and scripts) easier to manage. However, if you are installing several domains and SSL certs on the same server, you could change the subcommand --cert-name to be named after each TLD domain instead, etc. This affects the SSL directory names, thus helping to keep your files/folders nice and tidy.

Tags:

Bash

Ssl

Server

Lets Encrypt

Certbot

Related

Convert int[] to comma-separated string Different color bar chart from eCharts Get status bar height dynamically from XML No resource found that matches the given name (at 'dialogCornerRadius' with value '?android:attr/dialogCornerRadius') Ruby on Rails - searchkick gem : cluster_block_exception - FORBIDDEN/12/index read-only / allow delete (api) - status":403 What's the correct way to check if an object is a typing.Generic? Error - Android resource linking failed (AAPT2 27.0.3 Daemon #0) How to export Angular Material Table to excel or pdf or csv Correlation between ngOnInit and ionViewWillLoad lifecycle hook/event scikit learn - feature importance calculation in decision trees @CreatedBy and @LastModifiedDate are no longer working with ZonedDateTime? Micrometer's equivalent of Prometheus' labels

Recent Posts