Let's Encrypt on a Big-IP
Problem this snippet solves:
It is now possible to make use of Let's Encrypt certificates and maintain them on the Big-IP.
Code:
http://wiki.lnxgeek.org/doku.php/howtos:let_s_encrypt_-_how_to_issue_certificates_from_a_bigip
- I've just updated the scripts to support the latest version of the letsencrypt script from GitHub.
- Christopher_Ba1:
Excellent scripts. Works really well :) Thanks heaps for putting this together!
- uzi_260320:
Thanks a lot for putting this together. Does anyone know if there needs to be a tweak made to get this working for v11.2.1? When the script reaches the following tmsh modify command:
tmsh modify ltm profile client-ssl ${profile} cert-key-chain replace-all-with { default { key $key cert $cert } }
it gives me the error:
Syntax Error: "default" unknown property
- Jonathan_Gaikwa:
Works perfectly, thanks!
- thoang_295780:
Just tried this and am having a strange problem. On my dev F5 it works without any issues. However, on my prod F5 I get an error.
During the deploy_cert stage when it tries to install the key/cert it gives the error
01070712:3: file (/opt/letsencrypt/certs/somedomain/privkey.pem) expected to exist.
privkey.pem is a symlink to privkey-{timestamp}.key. Testing the install command in the cli with the real file works. Using the symlink gives the above error. Are there permissions settings somewhere I'm missing which would result in the above error?
dev V11.6.0
prod V11.6.1
- Matt_58992:
Having some issues deploying this on a 12.1 VE. Does anyone have a more thorough walk through of the deployment process to get this working?
Matt, what is your problem? Does it report any errors? I'm running it without problems on 12.1.1.
- jrodgers_305065:
The hook.sh in the zip file I downloaded from wiki.lnxgeek.org includes the following lines:
scp ${BASEDIR}/certs/$domain/privkey.pem root@9.0.0.4:/etc/ssl/letsencrypt/${domain}.key
scp ${BASEDIR}/certs/$domain/fullchain.pem root@9.0.0.4:/etc/ssl/letsencrypt/${domain}.crt
You may want to comment these out.
- jrodgers_305065:
</grrepl_placeholder_never_emitted>
Also in hook.sh, those not in the US may want to change the date format in the certificate name as it appears in the GUI, from
now=$(date +%Y-%d-%m)
to
now=$(date +%Y-%m-%d)
Good point James, thanks.
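The thread touches three parts of the deploy_cert stage: the tmsh modify command that swaps the client-ssl profile's cert-key-chain (uzi_260320's post), the "expected to exist" error when tmsh is handed the privkey.pem symlink rather than the real file (thoang_295780's post), and the year-month-day naming (jrodgers_305065's post). The script below is an added example written for this page, not the hook.sh from the wiki. It assumes the hook is called with the dehydrated/letsencrypt.sh argument order (DOMAIN KEYFILE CERTFILE FULLCHAINFILE CHAINFILE TIMESTAMP), that the TMOS userland has readlink -f (an assumption), and that the cert-key-chain syntax works on the target version; DRY_RUN and PROFILE are names invented here, and the tmsh install/modify/save commands are the standard ones.

```shell
#!/bin/sh
# Added example of a deploy_cert hook for a BIG-IP; not the wiki's hook.sh.
# Assumes dehydrated-style hook arguments and that `readlink -f` exists.

# Print the tmsh command instead of running it when DRY_RUN=1 (a variable
# invented for this example), so the hook can be exercised off-box.
run_tmsh() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        printf 'tmsh %s\n' "$*"
    else
        tmsh "$@"
    fi
}

# Resolve a path to the regular file behind any symlink chain. The thread
# reports that tmsh's from-local-file fails with "expected to exist" when
# given the privkey.pem symlink, so the hook hands it the real file instead.
real_file() {
    [ -e "$1" ] || { printf 'missing file: %s\n' "$1" >&2; return 1; }
    readlink -f "$1"
}

# Object name in the BIG-IP cert store: domain plus a year-month-day date
# (the ordering suggested in the thread) so renewals don't collide.
object_name() {
    printf '%s-%s' "$1" "$(date +%Y-%m-%d)"
}

# deploy_cert DOMAIN KEYFILE CERTFILE FULLCHAINFILE CHAINFILE TIMESTAMP
# Installs the key and the full chain, then points the client-ssl profile
# named DOMAIN (or $PROFILE, invented here, if set) at the new pair.
deploy_cert() {
    domain="$1"; keyfile="$2"; fullchain="$4"
    profile="${PROFILE:-$domain}"
    key_path=$(real_file "$keyfile") || return 1
    crt_path=$(real_file "$fullchain") || return 1
    name=$(object_name "$domain")
    run_tmsh install sys crypto key "$name" from-local-file "$key_path" || return 1
    run_tmsh install sys crypto cert "$name" from-local-file "$crt_path" || return 1
    run_tmsh modify ltm profile client-ssl "$profile" cert-key-chain replace-all-with \
        { default { key "$name" cert "$name" } } || return 1
    run_tmsh save sys config
}

# Dispatch on the hook stage name; other stages are no-ops here.
case "${1:-}" in
    deploy_cert) shift; deploy_cert "$@" ;;
esac
```

Run it off-box with `DRY_RUN=1 sh hook.sh deploy_cert example.com certs/example.com/privkey.pem - certs/example.com/fullchain.pem - 0` to see the exact tmsh commands that would be issued; the first two tmsh lines show the resolved real paths rather than the symlinks, which is the difference thoang_295780 saw between the CLI test and the hook.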