SSL Manager
SSL certificate management and automation tool for web servers with automatic renewal and deployment.
SSL Certificate Manager
A comprehensive tool for managing SSL certificates, including Let's Encrypt integration, certificate generation, and Nginx SSL configuration.
Features
- Let's Encrypt integration
- Self-signed certificate generation
- Certificate renewal automation
- SSL configuration testing
- Nginx SSL configuration
- Certificate backup and restore
Installation
- Download the script from the Lambda Softworks Customer Portal:
- Log in to your Lambda Softworks Customer Portal account
- Navigate to the Files section
- Download the ssl-manager.sh script
Prerequisites
- Bash shell
- Python 3 (for dashboard)
- jq (for JSON processing)
- yq (for YAML processing, optional)
- Root or sudo privileges
Installation Steps
- Clone the repository:
git clone https://github.com/yourusername/lambda-scripts.git cd lambda-scripts/admin-tools
- Make the script executable:
chmod +x ssl-manager.sh
- Install dependencies:
For Debian/Ubuntu:
sudo apt-get update sudo apt-get install -y python3 jq certbot python3-certbot-nginx
For RHEL/CentOS:
sudo yum install -y python3 jq certbot python3-certbot-nginx
Usage
Basic Commands
- Setup Let's Encrypt:
sudo ./ssl-manager.sh --setup-le admin@example.com
- Generate certificate:
sudo ./ssl-manager.sh --letsencrypt example.com admin@example.com
- Configure Nginx SSL:
sudo ./ssl-manager.sh --configure-nginx example.com
Advanced Options
--new DOMAIN: Generate new self-signed certificate--renew-all: Renew all certificates--test DOMAIN: Test SSL configuration--backup DOMAIN: Backup certificate
Configuration
SSL Configuration
# /etc/web-tools/ssl-config.yml
ssl:
protocols: TLSv1.2 TLSv1.3
ciphers: HIGH:!aNULL:!MD5
session_cache: shared:SSL:10m
session_timeout: 10m
hsts: true
hsts_max_age: 31536000
security_headers:
- X-Frame-Options: SAMEORIGIN
- X-XSS-Protection: "1; mode=block"
- X-Content-Type-Options: nosniff
- Referrer-Policy: no-referrer-when-downgrade
- Content-Security-Policy: "default-src 'self' http: https: data: blob: 'unsafe-inline'"
Logs and Data Storage
Log File Location
/var/log/web-tools/ssl-manager.log
Certificate Locations
- Certificates:
/etc/ssl/certs/ - Private Keys:
/etc/ssl/private/ - Let's Encrypt:
/etc/letsencrypt/
Backup Location
/etc/web-tools/ssl-backups/
Cross-Platform Compatibility
Linux Support
- RHEL/CentOS 7+
- Ubuntu 18.04+
- Debian 10+
- Other Linux distributions with systemd
Service Support
- Nginx 1.18+
- Let's Encrypt Certbot
Examples
New Domain Setup
# Setup Let's Encrypt sudo ./ssl-manager.sh --setup-le admin@example.com # Generate certificate sudo ./ssl-manager.sh --letsencrypt example.com admin@example.com # Configure Nginx sudo ./ssl-manager.sh --configure-nginx example.com
Certificate Management
# Generate self-signed certificate sudo ./ssl-manager.sh --new example.com # Test SSL configuration sudo ./ssl-manager.sh --test example.com # Backup certificate sudo ./ssl-manager.sh --backup example.com
Troubleshooting
Common Issues
Permission Errors
- Ensure the script is run with sudo
- Check directory permissions
- Verify user has necessary privileges
SSL Issues
- Verify certificate paths
- Check SSL configuration
- Review SSL logs
Report Generation Issues
- Check log directory permissions
- Verify HTML template access
- Check disk space
Debug Mode
To enable debug logging:
sudo DEBUG=1 ./ssl-manager.sh [OPTIONS]