Categories
Windows

Letsencrypt.sh on Windows-#2.

同一記事の日本語版
Update information      Edit(Sep.19)  Edit2(Oct.26)

[2017.OCt.20]    We can use mod_md in ApacheLounge 2.4.x version now, so I changed from dehydrated (former Letsencrypt.sh) to mod_md about certs updating tool. About this, see → “From dehydrate to mod_md, Let’s Encrypt Tool”.
========================================================
[Oct.26]    As I use Elliptic curve Diffie–Hellman (ECDH) for kx now, I posted a new article. ☞“Letsencrypt.sh on Windows-#4”
========================================================
[Sep.19]    As I had a success about the first renewal of the Let’s Encrypt Certs automatically, I posted a new article. ☞“Letsencrypt.sh on Windows-#3”
   By the way, they renamed project from letsencrypt.sh to dehydrated. So you can find the project at https://github.com/lukas2511/dehydrated/releases. Therefore, read letsencrypt.sh as dehydrated in my article.
========================================================
   Continued from my last post.
   Now, I’ll write HowTO renew certs automatically by Letsencrypt.sh. Once I made the batch file which didn’t work well because of letsencrypt-win-simple limitation. But the part which was not related to letsencrypt-win-simple worked well.

   At this time, I confirmed Letsencrypt.sh can force-renew certs on Cygwin on Windows, so I made another batch file named ‘LetEncryptsh.bat’. It calls bash.exe of Cygwin from cmd.exe directly and is executed once a day by Windows Task scheduler.
 

【LetEncryptsh.bat】
@echo off
setlocal enabledelayedexpansion

copy pathtoletsencrypt.shlist.txt pathtoletsencrypt.shlist-old.txt>>null

pushd pathto[Cygwin's bin directory]
bash --login -i -c "/usr/local/letsencrypt.sh/letsencrypt.sh -c"

pushd pathto[Cygwin's bin directory]
bash --login -i -c "/usr/local/letsencrypt.sh/letsencrypt.sh -gc"
pushd C:UsersUserIDAppDataRoamingarchiveYourDomain
del /Q *.*

pushd C:UsersUserIDAppDataRoamingcertsYourDomain
forfiles /m *.pem /C "cmd /c echo @file @fsize @fdate @ftime" >pathtoletsencrypt.shlist.txt
fc /L pathtoletsencrypt.shlist.txt pathtoletsencrypt.shlist-old.txt
if %errorlevel%==0 goto not_do_anything
if %errorlevel%==1 goto cpy
exit

:not_do_anything
exit

:cpy
pushd C:UsersUserIDAppDataRoamingcertsYourDomain
forfiles /m *-*.pem >pathtoletsencrypt.shnew.txt

for /f %%a in (pathtoletsencrypt.shnew.txt) do (
SET STR=%%~a
SET STR1=!STR:~0,7!
Pushd C:UsersUserIDAppDataRoamingcertsYourDomain
if !STR1! EQU fullcha (copy !STR! pathtoserver.crt>>null)
if !STR1! EQU privkey (copy !STR! pathtoserver.key>>null)
)
pathtobinhttpd -k stop
pathtobinhttpd -k start
exit

Let's Encrypt.sh's task.
Let’s Encrypt.sh’s task.
   When you make this batch file by a text editor, you have to follow a MS format for cmd.exe except ‘bash –login -i -c “~~”‘. The batch file creates list.txt, list-old.txt and new.text in letsencrypt.sh directry.

   After making LetEncryptsh.bat, create a task which is executed once a day on Windows Task scheduler.
   If you want to use this batch file, you need a few preparation.

Run cmd.exe and do the following commands.

>pushd pathto[Cygwin's bin directory]
>bash --login -i -c "/usr/local/letsencrypt.sh/letsencrypt.sh -gc"
>pushd C:UsersUserIDAppDataRoamingcertsYourDomain
>forfiles /m *.pem /C "cmd /c echo @file @fsize @fdate @ftime" >pathtoletsencrypt.shlist.txt

   That’s it.

Leave a Reply

Your email address will not be published. Required fields are marked *