search for: renew

Hi there. I've been using Dovecot for quite some time now but I just started using Let's Encrypt certs. Since LE certs are renewed automatically without user intervention I'm wondering if I will need to restart dovecot after that renewal... Has anybody had any experience with that? Thanks so much for your help! Ignacio -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot....

Automatic renewal The Ubuntu package for certbot comes pre-configured with systemd timer that will automatically renew existing certificates. What it does not handle however is reloading postfix/dovecot so that they will begin using the new certificates. For that, we need to implement a hook. Certbot has both pr...

Hi, I get my Email from my own SMTP server on the internet using "fetchmail". Some time ago I did the smart thing and configured dovecot to use SSL and the letsencrypt certificate that automatically renews. Welllll..... a few days ago my certificate expired and the fetchmail deamon running in the background had nowhere to complain. So I didn't notice. It turns out that dovecot had been running uninterrupted since august 13th, the certificate was renewed on september 7th and I suspect it expir...

I would like to set the renewable lifetime to 90 days. What is the best way to set the Kerberos ticket maximum renewable lifetime. ~# smbd --version Version 4.12.2-Ubuntu ~# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administrator at MYDOM Valid starting Expires Service principal 07/02/20 18:08:...

That’s what I have been looking for, thanks ! From: Icecast [mailto:icecast-bounces at xiph.org] On Behalf Of Tycho Eggen Sent: donderdag 6 september 2018 22:21 To: Icecast streaming server user discussions Subject: Re: [Icecast] icecast ssl and letsencrypt renewal You can add a posthook to your certbot cronjob: certbot renew —post-hook “/etc/init.d/icecast restart” Or however you restart icecast On Thu, Sep 6, 2018 at 13:05 _zer0_ gravity <zer0___ at hotmail.com<mailto:zer0___ at hotmail.com>> wrote: Hi all, I have setup icecast to work wi...

El jue., 11 oct. 2018 a las 10:58, Reio Remma (<reio at mrstuudio.ee>) escribi?: > On 11/10/2018 11:55, Ignacio Garcia wrote: > > Hi there. I've been using Dovecot for quite some time now but I just > > started using Let's Encrypt certs. Since LE certs are renewed > > automatically without user intervention I'm wondering if I will need > > to restart dovecot after that renewal... > > A reload will suffice. > > Thanks Reio for your quick answer. Then is it that reload mandatory? What I need to know is if I dovecot can cope with...

We are using tmux, screen and x2go to run long-running jobs on our compute servers. $HOME and other data should be mounted via CIFS or NFS4. Because such a job can run for more than a week, I would like to increase the Kerberos ticket lifetime or better the Kerberos ticket maximum renewable lifetime. I found this guide: https://wiki.samba.org/index.php/Samba_KDC_Settings Unfortunately, only settings that are smaller than the following have an effect: kdc:user ticket lifetime = 24 kdc:renewal lifetime = 24 There appears to be an upper limit of 24 hours that none of these setti...

On 10/1/2020 8:34 AM, Rowland penny via samba wrote: > On 01/10/2020 13:30, Jason Keltz via samba wrote: >> On 10/1/2020 8:28 AM, Rowland penny via samba wrote: >> >>> On 01/10/2020 13:17, Jason Keltz via samba wrote: >>>> So why is it that winbind renews the ticket on the original system, >>>> but on the system that I ssh to, it does not. >>> >>> Do you have 'winbind refresh tickets = yes' set on all the systems ? >> >> Absolutely.? In fact,? both systems are using the identical smb.conf, >&gt...

Hello! Certificates from letsencrypt are renewed every three months. Does that mean a MUA has to accept the renewed certificates manually everytime it is renewed? Sorry if this is OT! Greetings Andreas

On 3/14/19 9:32 AM, Yassine Chaouche via dovecot wrote: > The general answere here is try and see, as you could totally test it > on your own. The certificate is read at startup and put in memory for > the rest of the execution time. Dovecot won't monitor the file for > changes on disk, as this would waste CPU cycles and make dovecot only > slower for no reason. The process

Hi all, I have setup icecast to work with letsencrypt ssl certificate, this works fine. But now I am struggling a bit on how to renew the certificate every 3 months. As per letsencrypt recommendation I run a cronjob to check for renewal every day, problem is when there is a new certificate Icecast needs to be restarted to pick it up, as the certificate only seems to be loaded at startup of icecast. I am thinking of checking if t...

...y the location of your certificate in the <paths> section: <ssl-certificate>/etc/icecast2/cert+key.pem</ssl-certificate> After restarting you should have a working Icecast with letsencrypt ssl certificate. I have a cronjob running daily calling a script to automatically renew the certificate and restart Icecast if needed: #!/bin/bash certbot-auto renew --post-hook "cat /etc/letsencrypt/live/icecast.domain.name/privkey.pem /etc/letsencrypt/live/icecast.domain.name/cert.pem > /etc/icecast2/cert+key.pem && /etc/init.d/icecast2 restart" Hope this help...

...Would anyone have any idea as to why I would obtain completely different results when subsetting using the subset function vs bracket notation? I have a data frame with 65 variables and 4382 rows. When I use execute the following subset command I get the correct results (125 rows) > subset(df, Renewal==TRUE, 1:2)   However, I tried to obtain the same results with bracket notation as follows.  The output gave me all the rows in the data frame and not just the subset of 125 I was looking for. > df[df$Renewal==TRUE, 1:2] The 'Renewal' variable is of logical type and is the last (65t...

Hi Ralph Boehme, A new system is installed with Ubuntu 24.04.1 and Samba 4.19.5 My hotfolderscan.exe tool runs now on a Windows 2022 system and use the Ubuntu 24 system as Samba share. The hotfolderscan tool has to run 10 hour before the Kerberos ticket renewal. Both on the Ubuntu 24 and the Windows 2022 system, Wireshare is catching the network packages. Tomorrow I hope to see the result. I found the same problem with the Kerberos ticket renewal on a Synology Nas. Their initial response was that it was down to my Windows system or domain controller....

...screen and x2go to run long-running jobs on our >> compute servers. $HOME and other data should be mounted via CIFS or >> NFS4. Because such a job can run for more than a week, I would like to >> increase the Kerberos ticket lifetime or better the Kerberos ticket >> maximum renewable lifetime. >> >> I found this guide: >> >> https://wiki.samba.org/index.php/Samba_KDC_Settings >> >> Unfortunately, only settings that are smaller than the following have an >> effect: >> >> kdc:user ticket lifetime = 24 >> kdc:renewal...

...KINIT pa-data -- kontor$@STH.SOMEDOMAIN.SE Kerberos: Looking for ENC-TS pa-data -- kontor$@STH.SOMEDOMAIN.SE Kerberos: ENC-TS Pre-authentication succeeded -- kontor$@STH.SOMEDOMAIN.SE using arcfour-hmac-md5 Kerberos: AS-REQ authtime: 2014-04-11T09:02:21 starttime: unset endtime: 2014-04-11T19:02:21 renew till: 2014-04-18T09:02:21 Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, arcfour-hmac-md5, 24, -135, des-cbc-md5, using arcfour-hmac-md5/arcfour-hmac-md5 Kerberos: Requested flags: renewable-ok, canonicalize, renewable, forwardable Terminating connection - ...

...> >> Ticket cache: FILE:/tmp/krb5cc_10000 >> Default principal: rowland at SAMDOM.EXAMPLE.COM >> >> Valid starting???? Expires??????????? Service principal >> 01/10/20 15:34:44? 02/10/20 01:34:44 >> krbtgt/SAMDOM.EXAMPLE.COM at SAMDOM.EXAMPLE.COM >> ??? renew until 08/10/20 15:34:44 >> 01/10/20 15:34:44? 02/10/20 01:34:44? CEN8$@SAMDOM.EXAMPLE.COM >> ??? renew until 08/10/20 15:34:44 >> >> New ticket: >> >> Ticket cache: FILE:/tmp/krb5cc_10000 >> Default principal: rowland at SAMDOM.EXAMPLE.COM >> >>...

...;t seem to have been refreshed when I expected :-\ Old ticket: Ticket cache: FILE:/tmp/krb5cc_10000 Default principal: rowland at SAMDOM.EXAMPLE.COM Valid starting???? Expires??????????? Service principal 01/10/20 15:34:44? 02/10/20 01:34:44 krbtgt/SAMDOM.EXAMPLE.COM at SAMDOM.EXAMPLE.COM ??? renew until 08/10/20 15:34:44 01/10/20 15:34:44? 02/10/20 01:34:44? CEN8$@SAMDOM.EXAMPLE.COM ??? renew until 08/10/20 15:34:44 New ticket: Ticket cache: FILE:/tmp/krb5cc_10000 Default principal: rowland at SAMDOM.EXAMPLE.COM Valid starting???? Expires??????????? Service principal 02/10/20 06:41:20? 0...

...The process (or person) that changes the file is > > responsible to restart dovecot to reload the new certificate in memory. > > > > Yassine. > > I should mention that this is also true for Apache and postfix. > > Yassine. Certbot has a feature to run scripts when renewing / deploying certificates. https://certbot.eff.org/docs/using.html#renewing-certificates Certbot also looks for these scripts under /etc/letsencrypt/renewal-hooks/pre post deploy FWIW here is my script restart.sh located in /etc/letsencrypt/renewal-hooks/deploy ------------- #!/bin/sh sys...

...ubuntu-laptop.hh3.site lubuntu-laptop 127.0.1.1 localhost But it is sending a request for the wrong zone: Kerberos: ENC-TS Pre-authentication succeeded -- LUBUNTU-LAPTOP$@HH3.SITE using arcfour-hmac-md5 Kerberos: AS-REQ authtime: 2014-05-20T14:01:35 starttime: unset endtime: 2014-05-21T00:01:35 renew till: 2014-05-21T14:01:35 Kerberos: Client supported enctypes: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, arcfour-hmac-md5, des3-cbc-sha1, 25, 26, using arcfour-hmac-md5/arcfour-hmac-md5 Kerberos: Requested flags: renewable-ok Kerberos: TGS-REQ LUBUNTU-LAPTOP$@HH3.SITE from ipv4:192.168.1....