Manage your Let's Encrypt certificates with dehydrated

Boris HUISGEN
Boris HUISGEN
Manage your Let's Encrypt certificates with dehydrated

Dehydrated allows you to manage your Let’s Encrypt SSL/TLS certificates from the command line.

First install the software package from your Linux distribution:

# apt install dehydrated

The certificates’s domain names to manage need to be listed into the file domains.txt:

# vim /etc/dehydated/domains.txt

blog.hbis.fr www.hbis.fr
mail.hbis.fr

Each line is associated to a certificate. If you need alternate names, they must be specified in the same line next to the certifcate’s common name.

About the configuration, edit the certificate validation settings:

# vim /etc/dehydrated/conf.d/letsencrypt.sh

BASEDIR="/var/lib/letsencrypt/"
WELLKNOWN="/var/www/hbis.fr/blog/html/.well-known/acme-challenge"
CONTACT_EMAIL="postmaster@hbis.fr"

The certificates can be generated now:

# dehydrated -c

To renew the certificates before their expiration, a cron script must be setup:

# vim /etc/cron.monthly/dehydrated

#!/bin/bash

/usr/bin/dehydrated -c
systemctl reload nginx

# chmod +x /etc/cron.montly/dehydrated
Boris HUISGEN
Boris HUISGEN
Blog owner
  • #dehydrated
  • #tls