Using Certbot Docker Image

This tutorial will showyou how to use the certbot docker image to generate Lets Encrypt SSL certificates.

Steps

LETSENCRYPT_VOLUME_DIR=$HOME/letsencrypt
DOMAIN="www.mydomain.com"

sudo docker run \
  --interactive \
  --tty \
  --rm \
  --name certbot \
  -p 80:80 \
  -p 443:443 \
  -v "$LETSENCRYPT_VOLUME_DIR:/etc/letsencrypt" \
  certbot/certbot \
  certonly -d $DOMAIN --standalone

After you have completed this once, you can automatically renew by running the following:

LETSENCRYPT_VOLUME_DIR=$HOME/letsencrypt
DOMAIN="www.mydomain.com"

sudo docker run \
  --interactive \
  --tty \
  --rm \
  --name certbot \
  -p 80:80 \
  -p 443:443 \
  -v "$LETSENCRYPT_VOLUME_DIR:/etc/letsencrypt" \
  certbot/certbot \
  certonly --standalone -d $DOMAIN --quiet

This appears to only work with one domain at a time. Using multiple -d $DOMAIN with different domains won't work.

The certificates will be in $LETSENCRYPT_VOLUME_DIR/archive with a symlink to the latest ones in $LETSENCRYPT_VOLUME_DIR/live, so we can copy them to where we want by using:

sudo cp \
  --recursive \
  --dereference \
  $LETSENCRYPT_VOLUME_DIR/live \
  /path/to/output/dir

sudo chown --recursive $USER:$USER  /path/to/output/dir

References

• Certbot.eff.org Docs - Running With Docker