[buug] letsencrypt

Wojciech Adam Koszek wkoszek at freebsd.czest.pl
Sun May 7 18:47:11 PDT 2017

You start getting reminders around 2 weeks before the expiration date, so I guess anything closer to expiration should be fine. The acme.sh client automatically installs the proper crontab entry for renewals. You may take a look what it's doing


Send from an iPhone

> On May 7, 2017, at 6:19 PM, Ian Zimmerman <itz at primate.net> wrote:
>> On 2017-05-02 14:42, Michael Paoli wrote:
>> If you use certbot client (available in Debian backports & later),
>> and use it in --manual mode, it gives you script bits you can
>> use to fire up http listener under Python.
> I installed the certbot package from jessie-backports.
> Initial cert generation went perfectly,  but then the simulated renewal
> with "certbot renew --dry-run" seems to be quite fragile due to fscked
> DNS on their staging server.
> Given that, I have to decide how often to run the cronjob with the real
> renewal.  Do you (anyone reading this) know how close the cert must be
> to expiration for certbot to try renewing it?
> Thanks,
> i
> -- 
> Please *no* private Cc: on mailing lists and newsgroups
> Personal signed mail: please _encrypt_ and sign
> Don't clear-text sign:
> http://primate.net/~itz/blog/the-problem-with-gpg-signatures.html
> _______________________________________________
> buug mailing list
> buug at buug.org
> http://buug.org/cgi-bin/mailman/listinfo/buug

More information about the buug mailing list