Automatic Let's Encrypt Certificates

Bash script to keep up-to-date with free certs from


The script is meant to be installed in /usr/local/sbin/newcert.

In theory, this could be done without a subdomain, but I don't like what dynamic DNS does to my zone files. So, I decided to localize the mess to a tiny zone with no other purpose. It also lets me set the TTL absurdly low without affecting real zones.

Wed Jan 29 13:10:25 2020