Letsencrypt.sh on Windows-#2.

Update information      Edit(Sep.19)  Edit2(Oct.26)

[2017.Oct.20]    mod_md is now available in the ApacheLounge 2.4.x version, so I changed my cert-updating tool from dehydrated (formerly Letsencrypt.sh) to mod_md. For details, see → “From dehydrate to mod_md, Let’s Encrypt Tool”.
[Oct.26]    As I now use Elliptic curve Diffie–Hellman (ECDH) for kx, I posted a new article. ☞“Letsencrypt.sh on Windows-#4”
[Sep.19]    As the first automatic renewal of the Let’s Encrypt certs succeeded, I posted a new article. ☞“Letsencrypt.sh on Windows-#3”
   By the way, the project was renamed from letsencrypt.sh to dehydrated, so you can find it at https://github.com/lukas2511/dehydrated/releases. Therefore, read letsencrypt.sh as dehydrated in this article.
   Continued from my last post.
   Now, I’ll write how to renew certs automatically with Letsencrypt.sh. I once made a batch file which didn’t work well because of a letsencrypt-win-simple limitation, but the part which was not related to letsencrypt-win-simple worked well.

   This time, I confirmed that Letsencrypt.sh can force-renew certs on Cygwin on Windows, so I made another batch file named ‘LetEncryptsh.bat’. It calls Cygwin’s bash.exe directly from cmd.exe and is executed once a day by the Windows Task Scheduler.

@echo off
setlocal enabledelayedexpansion

rem Keep the previous listing so it can be compared after the renewal run.
copy \pathto\letsencrypt.sh\list.txt \pathto\letsencrypt.sh\list-old.txt >nul

rem Renew certs if needed (-c), then move unused cert files to the archive (-gc).
pushd \pathto\[Cygwin's bin directory]
bash --login -i -c "/usr/local/letsencrypt.sh/letsencrypt.sh -c"

pushd \pathto\[Cygwin's bin directory]
bash --login -i -c "/usr/local/letsencrypt.sh/letsencrypt.sh -gc"
rem Empty the archive, but only if changing into it succeeded.
pushd C:\Users\UserID\AppData\Roaming\archive\YourDomain && del /Q *.*

rem List the current .pem files and compare with the previous listing.
pushd C:\Users\UserID\AppData\Roaming\certs\YourDomain
forfiles /m *.pem /C "cmd /c echo @file @fsize @fdate @ftime" >\pathto\letsencrypt.sh\list.txt
fc /L \pathto\letsencrypt.sh\list.txt \pathto\letsencrypt.sh\list-old.txt
if %errorlevel%==0 goto not_do_anything
if %errorlevel%==1 goto cpy

:cpy
rem The listing changed: copy the new fullchain and private key, then restart Apache.
pushd C:\Users\UserID\AppData\Roaming\certs\YourDomain
forfiles /m *-*.pem >\pathto\letsencrypt.sh\new.txt

for /f %%a in (\pathto\letsencrypt.sh\new.txt) do (
SET STR=%%~a
SET STR1=!STR:~0,7!
Pushd C:\Users\UserID\AppData\Roaming\certs\YourDomain
if !STR1! EQU fullcha (copy !STR! \pathto\server.crt >nul)
if !STR1! EQU privkey (copy !STR! \pathto\server.key >nul)
)
\pathto\bin\httpd -k stop
\pathto\bin\httpd -k start

:not_do_anything
endlocal

Let's Encrypt.sh's task.
   When you write this batch file in a text editor, you have to follow the MS format for cmd.exe, except for the ‘bash --login -i -c "~~"’ part. The batch file creates list.txt, list-old.txt and new.txt in the letsencrypt.sh directory.

   After making LetEncryptsh.bat, create a task in the Windows Task Scheduler which executes it once a day.
   If you want to use this batch file, you need a little preparation.

Run cmd.exe and do the following commands.

>pushd \pathto\[Cygwin's bin directory]
>bash --login -i -c "/usr/local/letsencrypt.sh/letsencrypt.sh -gc"
>pushd C:\Users\UserID\AppData\Roaming\certs\YourDomain
>forfiles /m *.pem /C "cmd /c echo @file @fsize @fdate @ftime" >\pathto\letsencrypt.sh\list.txt

   That’s it.
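
   The compare-and-copy step of the batch file above, written as a POSIX shell function that could run in the same Cygwin bash (an added example, not the author's batch file or dehydrated's own code). It compares file contents instead of a forfiles listing, deploys only when both a fullchain and a privkey file are present, and stages the copies before renaming them; the function names, the `.new` suffix and the return codes are assumptions of this example.

```shell
#!/bin/sh
# Added example. CERTDIR is the certs\YourDomain directory, DEST the directory
# holding server.crt / server.key (file names taken from the batch file).

# Print the last file matching PREFIX-*.pem in DIR (glob order = timestamp order
# as long as the timestamps have the same number of digits), or nothing.
newest_pem() {
    dir=$1; prefix=$2; last=
    for f in "$dir"/"$prefix"-*.pem; do
        [ -f "$f" ] && last=$f
    done
    if [ -n "$last" ]; then printf '%s\n' "$last"; fi
}

# Return 0 = new pair deployed (caller restarts Apache),
#        1 = deployed files already identical, nothing done,
#        2 = no usable fullchain/privkey pair, or the copy failed.
deploy_if_renewed() {
    certdir=$1; dest=$2
    chain=$(newest_pem "$certdir" fullchain)
    key=$(newest_pem "$certdir" privkey)
    # Refuse to deploy half a pair or empty files.
    [ -s "$chain" ] && [ -s "$key" ] || return 2

    if cmp -s "$chain" "$dest/server.crt" 2>/dev/null &&
       cmp -s "$key" "$dest/server.key" 2>/dev/null; then
        return 1
    fi

    # Stage both files next to the targets, then rename them into place.
    # umask 077 keeps the staged key unreadable for other users.
    (
        umask 077
        cp "$chain" "$dest/server.crt.new" &&
        cp "$key" "$dest/server.key.new" &&
        mv -f "$dest/server.key.new" "$dest/server.key" &&
        mv -f "$dest/server.crt.new" "$dest/server.crt"
    ) || { rm -f "$dest/server.crt.new" "$dest/server.key.new"; return 2; }
    return 0
}
```

   A caller would run `httpd -k stop` and `httpd -k start` only when `deploy_if_renewed` returns 0.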
