Configure CloudFlare authentication in the script by uncommenting and specifying the
$CF_AUTH_KEY variables within
hook.sh. Alternatively, leave them commented and export them before calling the
letsencrypt.sh scripts, like so:
export CF_AUTH_USR="firstname.lastname@example.org"; export CF_AUTH_KEY="1234567893feefc5f0q5000bfo0c38d90bbeb"
In order to use the hook script with the ACME client, you will have to specify
dns-01 as the verification type and the path to the script:
./letsencrypt.sh -t dns-01 -k hook.sh ...
You can also set the verification type and the path to the script in
letsencrypt.sh script will also call the hook script with the
deploy_cert argument when a certificate is ready. The
hook.sh script handles this by checking if a
deploy.sh script exists, and if so, it will be called with the following arguments:
./deploy.sh domain-name path-to-key path-to-cert path-to-fullchain
If special handling is required for any of the issued certificates, copy
deploy.sh and modify as necessary.
unchanged.sh will be called with the same parameters, if exists, for certificates which were not renewed, since they are still valid.