Displaying 20 results from an estimated 138 matches for "certbot".
2020 Oct 05
2
certbot stopped working on CentOS 7: pyOpenSSL module missing required functionality
Hello fellow CentOS users,
I had this cronjob working for many moons on CentOS 7.8.2003:
#minute hour mday month wday command
6 6 * * 1 certbot renew --post-hook
"cat /etc/letsencrypt/live/raspasy.de/fullchain.pem /etc/letsencrypt/live/
raspasy.de/privkey.pem > /etc/letsencrypt/live/raspasy.de/haproxy.pem;
systemctl resstart haproxy"
(I run a post hook, because haproxy-1.5.18-9.el7.x86_64 from the CentOS
packages wants to hav...
2020 Nov 12
2
Trying to install certbot on CentOS
Following the advice obtained here, I am trying to get a LetsEncrypt
certificate.
These are the instructions:
Step 1:
https://snapcraft.io/docs/installing-snapd
Step 2:
https://certbot.eff.org/lets-encrypt/centosrhel7-apache
My problem is this error message:
# snap install --classic certbot
error: system does not fully support snapd: cannot mount squashfs image
using "squashfs": mount:
?????? /tmp/sanity-squashfs-881328484: failed to setup loop device: No
such fil...
2020 Nov 12
2
How do Cerbot files map to Dovecot?
I am postponing the Apache plugin issue (CentOS is not Certbot friendly)
and requesting a standalone, generic certificate. After the command "1:
Spin up a temporary webserver" I have the following 2 files in the
folder /etc/letsencrypt:
-rw-r--r-- 1 root root? 924 Nov 12 11:14 csr/0000_csr-certbot.pem
-rw------- 1 root root 1708 Nov 12 11:14 keys...
2018 Jul 10
3
Certbot error CentOS 7.5
Hi All - I am running CentOS 7.5 and trying to use certbot.
I am getting an error 403 forbidden on the
/.well-known/acme-challenge/-CG_gSckofY5ln7TdMvoanDI1_FBRh8otQkyB0hxmoo
Some searching indicated permission problems... I also noticed that the
/var/www/html directory does not even have the .well-known directory in
it. The /var/www/html directory was...
2020 Oct 05
0
certbot stopped working on CentOS 7: pyOpenSSL module missing required functionality
...04 AM, Alexander Farber <alexander.farber at gmail.com> wrote:
>
> Hello fellow CentOS users,
>
> I had this cronjob working for many moons on CentOS 7.8.2003:
>
> #minute hour mday month wday command
> 6 6 * * 1 certbot renew --post-hook
> "cat /etc/letsencrypt/live/raspasy.de/fullchain.pem /etc/letsencrypt/live/
> raspasy.de/privkey.pem > /etc/letsencrypt/live/raspasy.de/haproxy.pem;
> systemctl resstart haproxy"
>
Should that be ?restart?? In the above you have double ?s?.
Valeri
>...
2020 Nov 12
1
Fwd: Trying to install certbot on CentOS
On 11/12/2020 10:44 AM, Raymond Herrera wrote:
> Following the advice obtained here, I am trying to get a LetsEncrypt
> certificate.
>
> These are the instructions:
>
> Step 1:
> https://snapcraft.io/docs/installing-snapd
>
> Step 2:
> https://certbot.eff.org/lets-encrypt/centosrhel7-apache
>
> My problem is this error message:
>
> # snap install --classic certbot
>
> error: system does not fully support snapd: cannot mount squashfs
> image using "squashfs": mount:
> ?????? /tmp/sanity-squashfs-881328484: faile...
2018 Apr 02
3
multi-site SSL certificates
...ep4bniD9zYpKpdRUBQcgCRJ6FflmZzWQGNg
> >
> > doesn't exist.
>
> You have a problem with your nginx config. It doesn't seem related to postfix et al.
>
> Really off-topic for this list but you could perhaps post your nginx config and logs.
If this is more properly a certbot question, I should ask there. I'd
understood from the certbot docs that postfix had developed a
postfix-specific certbot plugin, in which case this might have been
the right venue to ask. That I hadn't found that plugin was, to be
fair, a bit suspicious to me, but it wouldn't be the f...
2019 Jan 10
3
repo.dovecot.org expired certificate
...t;> Cheers!
>>
>> Filipe Carvalho
>>
>> --
>>
>> UP Digital
>> Filipe Carvalho
>>
>> Infraestruturas Tecnol?gicas / IT infrastructures
>>
>> filipec at uporto.pt <mailto:filipec at uporto.pt>
>>
>
> Amazing this certbot thing...
>
> [Unit]
> Description=Certbot
> Documentation=file:///usr/share/doc/python-certbot-doc/html/index.html
> Documentation=https://letsencrypt.readthedocs.io/en/latest/
> [Service]
> Type=oneshot
> ExecStart=/usr/bin/certbot -q renew --post-hook
> /etc/letsencrypt...
2020 Oct 05
2
certbot stopped working on CentOS 7: pyOpenSSL module missing required functionality
Yes, I had a typo in the mail, but not in the cronjob
Still wondering how to get certbot-1.7.0-1.el7.noarch working on CentOS 7
again.
2018 Feb 22
2
Multiple SSL-Certificates/Domains setup not working | Solved!
Could you write step by step how you reach the goal?
2018-02-22 15:55 GMT+01:00 Gabriel Kaufmann <mailings at typoworx.com>:
> I've tried to create an certbot SAN-Cert with multiple domain-names and
> this worked like a charm using one cert for all! Thanks!
>
>
> Best regards
>
> Gabriel Kaufmann
>
>
--
*Pozdrawiam / Best Regards*
*Piotr Bracha*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: &l...
2020 Oct 05
0
certbot stopped working on CentOS 7: pyOpenSSL module missing required functionality
Not directly an answer to your question, but we had so many problems with the certbot in different constellations, that we moved to
https://github.com/acmesh-official/acme.sh
which works just fine basically everywhere
cheers
Soeren
?On 05.10.20, 15:18, "CentOS on behalf of Alexander Farber" <centos-bounces at centos.org on behalf of alexander.farber at gmail.com>...
2017 Sep 11
1
Dovecot and Letsencrypt certs
<master at remort.net> writes:
> "writing a script to check the certs" - there is no need to write any
> scripts. As one mentioned, it's done by a hook to certbot. Please read
> the manuals for LE or certbot. The issue you have is quite common and
> of course certbot designed to do it for you.
Won't work, of course, if you employ the least-privilege security principle
and run the certbot as a non-privileged user. You'll need a script with
adm...
2017 Sep 12
1
Dovecot and Letsencrypt certs
On Tue, 12 Sep 2017, dovecot-request at dovecot.org wrote:
> What's wrong with using a certbot "post-hook" script such as:
>
> #!/bin/bash
> echo "Letsencrypt renewal hook running..."
> echo "RENEWED_DOMAINS=$RENEWED_DOMAINS"
> echo "RENEWED_LINEAGE=$RENEWED_LINEAGE"
>
> if grep --quiet "your.email.domain" <<< &q...
2017 Mar 03
3
letsencrypt
...the smtp
>> handled by postfix, but mail, and imap I believe are handled by
>> dovecot.
>>
>> With the web it was easy just let apache serve the token that
>> letsencrypt needed and I got certificates. How do I do this with
>> regards email?
>
> You can use certbot. It has a built in webserver. It allows you to
> retrieve and renew the certificates automatically. I'm using it for
> Dovecot and Postfix.
>
> See https://certbot.eff.org/
>
> I'm doing everything with the following command:
>
> certbot/certbot-auto certonly --no-se...
2019 Sep 17
0
audit freeing multiple contexts (when running certbot)
...0): major=355 name_count=0: freeing multiple contexts (2)
Sep 17 10:32:29 merlin kernel: audit(:0): major=252 name_count=0: freeing multiple contexts (1)
Sep 17 10:32:29 merlin kernel: audit(:0): major=355 name_count=0: freeing multiple contexts (2)
On further investigation, this only happens when certbot-auto runs (under python 3.4),
whether or not it renews the certificate.
The above instance was created by running the following command:
[root at merlin ~]# date ; cd /opt/letsencrypt && ./certbot-auto renew ; date
Tue Sep 17 10:32:24 BST 2019
/opt/eff.org/certbot/venv/lib/python3.4/site-...
2020 Nov 12
0
How do Cerbot files map to Dovecot?
On Thu, 12 Nov 2020, Raymond Herrera wrote:
> I am postponing the Apache plugin issue (CentOS is not Certbot friendly) and
For the record, certbot works just fine on CentOS. It just requires that you
understand how things work. :-)
The plugin which you seek is called python2-certbot-apache.noarch. You can
see all of the available plugins on CentOS 7 by running the following:
yum list \*certbot\*
In ad...
2018 Dec 14
2
Upgrade to 2.3.1 has failed
...ere is no valid PEM certificate.
We have followed the instructions at? https://wiki.dovecot.org/S
SL/DovecotConfiguration
1. We have created /etc/dovecot/dh.pem (yes it took five
hours)?
2. We have edited 10-ssl.conf as directed by the Wiki:
ssl = yes
ssl_cert =
/etc/certbot/live/privustech.com/fullchain.pem
ssl_key = /etc/certbot/live/privustech.com/privkey.pem
ssl_dh = /etc/dovecot/dh.pem #(yes, it took five hours to create...)
ssl_min_protocol = TLSv1
ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!E...
2018 Dec 14
2
Upgrade to 2.3.1 has failed
...in the mailing list??
On that assumption:
Thanks for the input. I've checked out your suggestions (details below)
but unfortunately no joy.
I also restored my backup 10-ssl.conf. It indeed has the "<" sign with
a space before the explicit paths to the files:
? ? ssl_cert = </etc/certbot/live/privustech.com/fullchain.pem
? ? ssl_key = </etc/certbot/live/privustech.com/privkey.pem
?It returns several complaints after restarting dovecot which I
addressed:
? ??https://wiki2.dovecot.org/Upgrading/2.3
? ??https://github.com/dovecot/core/blob/master/doc/example-config/conf
.d/10-ssl.c...
2019 Mar 14
4
Am I right to assume certificate renewal with the same filename requires a dovecot reload/restart
On 3/14/19 9:32 AM, Yassine Chaouche via dovecot wrote:
> The general answere here is try and see, as you could totally test it
> on your own. The certificate is read at startup and put in memory for
> the rest of the execution time. Dovecot won't monitor the file for
> changes on disk, as this would waste CPU cycles and make dovecot only
> slower for no reason. The process
2017 Mar 03
6
letsencrypt
Hello,
I know some users here are using letsencrypt for their CA. If this is
to off topic write me privately.
I'm wanting letsencrypt to take over as my CA, replacing existing self
signed certificates. I've got web working, a certificate for https
sites and one for webmail as they have different names. What I'm now
wanting to do is get letsencrypt going for my email setup, the smtp