-
Notifications
You must be signed in to change notification settings - Fork 6
3 Usage & Scheduling
Colin Stubbs edited this page Jun 12, 2020
·
2 revisions
Example CLI run - HTTP-01 based validation
DNS-01 validation for a wildcard cert,
[user@host ~]$ dehydrated --accept-terms --cron
# INFO: Using main config file /etc/dehydrated/config
# INFO: Using additional config file /etc/dehydrated/conf.d/ansible.sh
# INFO: Using additional config file /etc/dehydrated/conf.d/bigip.sh
# INFO: Using additional config file /etc/dehydrated/conf.d/lexicon.sh
# INFO: Using additional config file /etc/dehydrated/conf.d/local.sh
Processing *.routedlogic.net
+ Creating new directory /etc/dehydrated/certs/wildcard.routedlogic.net ...
+ Signing domains...
+ Generating private key...
+ Generating private rollover key...
+ Generating signing request...
+ Requesting new certificate order from CA...
+ Received 1 authorizations URLs from the CA
+ Handling authorization for routedlogic.net
+ Found valid authorization for routedlogic.net
+ 0 pending challenge(s)
+ Requesting certificate...
+ Checking certificate...
+ Done!
+ Creating fullchain.pem...
entering deploy_cert() to run Ansible playbook /etc/dehydrated/ansible/playbooks/bigip-deploy_cert-traffic.yml
PLAY [version] *********************************************************************************************************************************************
TASK [setup provider] **************************************************************************************************************************************
ok: [192.0.2.4]
TASK [Wait for BIG-IP to be available] *********************************************************************************************************************
ok: [192.0.2.4 -> localhost]
TASK [Create/update key for cert] **************************************************************************************************************************
changed: [192.0.2.4 -> localhost]
TASK [Create/update certificate] ***************************************************************************************************************************
changed: [192.0.2.4 -> localhost]
TASK [Create/update certificate chain] *********************************************************************************************************************
changed: [192.0.2.4 -> localhost]
TASK [Create/update client SSL profile] ********************************************************************************************************************
changed: [192.0.2.4 -> localhost]
TASK [Save the running configuration of the BIG-IP] ********************************************************************************************************
changed: [192.0.2.4 -> localhost]
TASK [Sync configuration from device to group] *************************************************************************************************************
skipping: [192.0.2.4]
PLAY RECAP *************************************************************************************************************************************************
192.0.2.4 : ok=7 changed=5 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
+ Done!
+ Updating OCSP stapling file
+ Running automatic cleanup
[user@host ~]$
Example CLI run - DNS-01 based validation with env variable value overrides
Basically the same as manual execution, but scheduled to run via cron.