Automating ACME certificates with n8n

Any thoughts on whether it is possible/viable to automate ACME certificates using n8n? I’m not thinking about getting the n8n container a certificate, but to use the ACME protocol to get certificates for my other servers/services. There are also different appliances like firewalls, load balancers and other custom applications that don’t support installing something like certbot, so I’d like to do certificate management centrally from a single n8n installation.

I could probably SSH into a Linux server and run Certbot there and then have n8n move the files with SCP / use an API depending on the installation target. However, it seems that I can run only a single command with the SSH module, but I would need to run the first certbot command, then read the DNS validation record from the screen, use Cloudflare/Azure DNS to update the records and then continue with certbot.

Any thoughts on how I could do this?

This is an interesting use case…but I would argue not worth trying as there are much better solutions to achieve your desired outcome.

The easiest and most useful way would be to set up a reverse proxy that handles SSL and certs for all services.
That’s how I’m managing ~20 web interfaces/services on my network from a single point.

But if you really want to explore the route with n8n, I’d read into the docs for the --manual-auth-hook command for certbot. This may give you the ability to call certbot via SSH and use --manual-auth-hook to call a script that then sends the data back to an n8n webhook.
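A sketch of the hook script the reply describes, added here as an example and not code from either poster. CERTBOT_DOMAIN and CERTBOT_VALIDATION are the environment variables certbot passes to a manual auth hook; N8N_WEBHOOK_URL, N8N_HOOK_HEADER_FILE and DNS_PROPAGATION_WAIT are hypothetical names, and the JSON field names are whatever the receiving workflow is built to expect.

```shell
#!/bin/sh
# Added example: certbot --manual-auth-hook that hands the DNS-01 challenge to n8n.
# Hypothetical settings: N8N_WEBHOOK_URL, N8N_HOOK_HEADER_FILE, DNS_PROPAGATION_WAIT.

# TXT record name for a DNS-01 challenge; a wildcard validates at the base name.
challenge_record() {
    domain=${1#\*.}
    case $domain in
        ''|*[!A-Za-z0-9.-]*) return 1 ;;   # reject anything that is not a hostname
    esac
    printf '_acme-challenge.%s' "$domain"
}

# JSON body for the webhook. Inputs are restricted to hostname and base64url
# characters, so nothing needs escaping and nothing else can be smuggled in.
build_payload() {
    record=$(challenge_record "$1") || return 1
    case $2 in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
    printf '{"record":"%s","type":"TXT","value":"%s"}' "$record" "$2"
}

send_challenge() {
    payload=$(build_payload "$CERTBOT_DOMAIN" "$CERTBOT_VALIDATION") || {
        echo "refusing malformed challenge data" >&2
        return 1
    }
    # The header file holds one line such as "Authorization: Bearer <secret>",
    # matching the webhook's header auth; reading it from a file keeps the
    # secret out of the process list.
    curl --fail --silent --show-error --max-time 30 \
        -H "Content-Type: application/json" \
        -H @"${N8N_HOOK_HEADER_FILE:?}" \
        --data "$payload" "${N8N_WEBHOOK_URL:?}" >/dev/null || return 1
    # certbot asks the CA to validate as soon as the hook exits, so wait here
    # until the workflow has had time to publish the record.
    sleep "${DNS_PROPAGATION_WAIT:-60}"
}

# Only act when certbot has supplied challenge data.
if [ -n "${CERTBOT_VALIDATION:-}" ]; then
    send_challenge || exit 1
fi
```

Because the hook exits non-zero on malformed input or a failed POST, certbot stops instead of requesting validation for a record that was never created. An unauthenticated webhook that writes TXT records would let anyone who can reach it pass DNS validation for the zone, which is why the request carries a secret header.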