This project builds a docker container, which helps to use Lets Encrypt Certificates on Citrix ADC. I use this internally for automating our certificate management using dehydrated and push these certificates to Citrix ADC.
At the moment http-01 challenges are supported only. All configuration is done by configuration files. You can have multiple configuration files, one for each certificate you want to use.
There are two configuration files needed for a valid configuration.
- The
.cfgfile. See theconfig-adc.examplefiles - A domains file referenced in the
.cfgfile. This file contains all doamin names for the certificate (Subject Alternative Names) in one line divided by space. Any change in this files execute a renewal of the certificate.
The container tries in a intervall if 5 minutes to renew the certificates. A renewal will be exectuted if
- the certificates become invalid in the next 30 days
- there are configuration changes (e.g. domain changes)
You can pull it via Github Registry:
docker pull ghcr.io/hbrust/adc-certupdater-letsencrypt:latest
You need to provide mounts for
/config: this directory is searched for.cfgfiles and domain name files/storage: this is the directory where Dehydrated will store all ACME stuff (identities, certificates)
You can run it with the following command
docker create \
--name=certupdater \
-v "config_data:/config" \
-v "cert_data:/storage" \
--restart unless-stopped \
ghcr.io/hbrust/adc-certupdater-letsencrypt:latest
At the moment there are no environment variables needed. It is planned for upcoming versions to add environment variables for configuration.
This project is based on the work of Ryan Butler and Blog