diff --git a/certbot-apache2/cert.py b/certbot-apache2/cert.py
new file mode 100644
index 0000000..e4ed78e
--- /dev/null
+++ b/certbot-apache2/cert.py
@@ -0,0 +1,46 @@
+#!/usr/bin/env python3
+
+import sys, os, platform, subprocess, re, argparse
+
+re_domain = r'^(?=.{1,253}$)(?!.*\.\..*)(?!\..*)([a-zA-Z0-9-]{,63}\.){,127}[a-zA-Z0-9-]{1,63}$'
+
+def sanity_check_system():
+	# check apache2
+	if subprocess.call("apache2 -v", shell=True):
+		sys.exit("Apache2 not installed on your system. Aborting...")
+
+def cert_add(domains):
+
+	dms = []
+	for d in domains:
+		if re.match(re_domain, d) is None:
+			print("Invalid domain name: " + d + " -> pass")
+			continue
+		dms.append(d)
+
+	certbot_args = ['sudo', 'cerbot', '--apache', 'certonly', '-d']
+	certbot_args.extend(dms)
+
+	subprocess.call(certbot_args)
+
+def cert_remove(domain):
+	pass
+
+if __name__ == "__main__":
+
+    p = argparse.ArgumentParser(description='cerbot helper')
+    p.add_argument('domain', metavar="domain", help="vhost domain(s)", nargs="+")
+    g = p.add_mutually_exclusive_group()
+    g.add_argument('-a', '--add', action='store_true', help="adds cert for given domain(s)")
+    g.add_argument('-r', '--remove', action='store_true', help="removes cert for given domain(s)")
+
+    args = p.parse_args()
+
+    sanity_check_system()
+
+	if args.add:
+		cert_add(args.domain)
+	elif args.remove:
+		cert_remove(args.domain)
+
+	print('done.')
\ No newline at end of file