Displaying 20 results from an estimated 9000 matches similar to: "letsencrypt"
2017 Sep 12
1
Dovecot and Letsencrypt certs
On Tue, 12 Sep 2017, dovecot-request at dovecot.org wrote:
> What's wrong with using a certbot "post-hook" script such as:
>
> #!/bin/bash
> echo "Letsencrypt renewal hook running..."
> echo "RENEWED_DOMAINS=$RENEWED_DOMAINS"
> echo "RENEWED_LINEAGE=$RENEWED_LINEAGE"
>
> if grep --quiet "your.email.domain" <<<
2017 Sep 12
2
Dovecot and Letsencrypt certs
And remove that "postfix reload" command - Postfix doesn't require
explicit reloading. It'll pickup the changed cert automagically.
Daniel
On 9/12/2017 9:26 AM, Daniel Miller wrote:
> What's wrong with using a certbot "post-hook" script such as:
>
> #!/bin/bash
> echo "Letsencrypt renewal hook running..."
> echo
2017 Sep 11
1
Dovecot and Letsencrypt certs
<master at remort.net> writes:
> "writing a script to check the certs" - there is no need to write any
> scripts. As one mentioned, it's done by a hook to certbot. Please read
> the manuals for LE or certbot. The issue you have is quite common and
> of course certbot designed to do it for you.
Won't work, of course, if you employ the least-privilege security
2017 Mar 03
0
letsencrypt
David Mehler <dave.mehler at gmail.com> writes:
> I'm wanting letsencrypt to take over as my CA, replacing existing self
> signed certificates. I've got web working, a certificate for https
> sites and one for webmail as they have different names. What I'm now
> wanting to do is get letsencrypt going for my email setup, the smtp
> handled by postfix, but mail, and
2018 Sep 15
1
icecast ssl and letsencrypt renewal
Install letsencrypt and request a certificate specifying the webroot of your Icecast server and the host.domain:
certbot-auto certonly --webroot --webroot-path /usr/share/icecast2/web/ -d icecast.domain.name
Now you should have a certificate for your server, it's only in the wrong format for Icecast, copy the key and the certificate to 1 file with the following cmd:
cat
2018 Sep 06
2
icecast ssl and letsencrypt renewal
That’s what I have been looking for, thanks !
From: Icecast [mailto:icecast-bounces at xiph.org] On Behalf Of Tycho Eggen
Sent: donderdag 6 september 2018 22:21
To: Icecast streaming server user discussions
Subject: Re: [Icecast] icecast ssl and letsencrypt renewal
You can add a posthook to your certbot cronjob:
certbot renew —post-hook “/etc/init.d/icecast restart”
Or however you restart
2018 Sep 06
0
icecast ssl and letsencrypt renewal
Hello,
How did you get icecast and letsencrypt certificates working?
Thanks.
Dave.
On 9/6/18, _zer0_ gravity <zer0___ at hotmail.com> wrote:
> That’s what I have been looking for, thanks !
>
> From: Icecast [mailto:icecast-bounces at xiph.org] On Behalf Of Tycho Eggen
> Sent: donderdag 6 september 2018 22:21
> To: Icecast streaming server user discussions
> Subject: Re:
2017 Aug 20
6
is a self signed certificate always invalid the first time
> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com> wrote:
>
> On Fri, 18 Aug 2017 00:24:39 -0700 (PDT)
> Joseph Tam <jtam.home at gmail.com> wrote:
>
>> Michael Felt <michael at felt.demon.nl> writes:
>>
>>>> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is
>>>> written in pure
2018 Sep 06
0
icecast ssl and letsencrypt renewal
You can add a posthook to your certbot cronjob:
certbot renew —post-hook “/etc/init.d/icecast restart”
Or however you restart icecast
On Thu, Sep 6, 2018 at 13:05 _zer0_ gravity <zer0___ at hotmail.com> wrote:
> Hi all,
>
>
>
> I have setup icecast to work with letsencrypt ssl certificate, this works
> fine.
>
> But now I am struggling a bit on how to renew the
2017 Aug 18
3
is a self signed certificate always invalid the first time
Michael Felt <michael at felt.demon.nl> writes:
>> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is
>> written in pure shell script, so no python dependencies.
>> https://github.com/Neilpang/acme.sh
>
> Thanks - I might look at that, but as Ralph mentions in his reply -
> Let's encrypt certs are only for three months - never ending circus.
2017 Aug 18
0
is a self signed certificate always invalid the first time
On Fri, 18 Aug 2017 00:24:39 -0700 (PDT)
Joseph Tam <jtam.home at gmail.com> wrote:
> Michael Felt <michael at felt.demon.nl> writes:
>
> >> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is
> >> written in pure shell script, so no python dependencies.
> >> https://github.com/Neilpang/acme.sh
> >
> > Thanks - I might
2017 Aug 20
0
is a self signed certificate always invalid the first time
On Sat, 19 Aug 2017 21:39:18 -0400
KT Walrus <kevin at my.walr.us> wrote:
> > On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com>
> > wrote:
> >
> > On Fri, 18 Aug 2017 00:24:39 -0700 (PDT)
> > Joseph Tam <jtam.home at gmail.com> wrote:
> >
> >> Michael Felt <michael at felt.demon.nl> writes:
>
2017 Mar 03
0
letsencrypt
On 2017-03-03 19:07, David Mehler wrote:
> Hello,
>
> I know some users here are using letsencrypt for their CA. If this is
> to off topic write me privately.
>
> I'm wanting letsencrypt to take over as my CA, replacing existing self
> signed certificates. I've got web working, a certificate for https
> sites and one for webmail as they have different names. What
2017 Mar 03
3
letsencrypt
Hello,
Thanks. Is there another way of doing this? I've got a web server
running on 80 and 443. Are there any other options?
Thanks.
Dave.
On 3/3/17, Michael Neurohr <mine at michi.su> wrote:
> On 2017-03-03 19:07, David Mehler wrote:
>> Hello,
>>
>> I know some users here are using letsencrypt for their CA. If this is
>> to off topic write me privately.
2017 Aug 20
0
is a self signed certificate always invalid the first time
On Sun, 20 Aug 2017 12:29:49 -0400
KT Walrus <kevin at my.walr.us> wrote:
> > On Aug 20, 2017, at 11:52 AM, Stephan von Krawczynski <skraw at ithnet.com>
> > wrote:
> >
> > On Sat, 19 Aug 2017 21:39:18 -0400
> > KT Walrus <kevin at my.walr.us> wrote:
> >
> >>> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at
2018 Jul 15
0
Letsencrypt certificate for repo.dovecot.org expired May 14th..
:)
Rgds/DP
9849111010
Sent from my iPhone. Pls excuse brevity and typos if any.
> On 15-Jul-2018, at 5:00 PM, Aki Tuomi <aki.tuomi at dovecot.fi> wrote:
>
> certbot clearly hates me
>
> ---
> Aki Tuomi
> Dovecot oy
>
> -------- Original message --------
> From: "B. Reino" <reinob at bbmk.org>
> Date: 15/07/2018 11:49 (GMT+02:00)
>
2017 Aug 20
3
is a self signed certificate always invalid the first time
> On Aug 20, 2017, at 11:52 AM, Stephan von Krawczynski <skraw at ithnet.com> wrote:
>
> On Sat, 19 Aug 2017 21:39:18 -0400
> KT Walrus <kevin at my.walr.us> wrote:
>
>>> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com>
>>> wrote:
>>>
>>> On Fri, 18 Aug 2017 00:24:39 -0700 (PDT)
>>> Joseph
2019 Sep 17
0
audit freeing multiple contexts (when running certbot)
Apologies if it's considered off-topic, but I'm not sure in what part
of the system the issue lies. So I am giving as much info as possible,
not knowing which is most relevant.
I have two VMs hosted on ESX, running CentOS 6.10
One has kernel 2.6.32-754.11.1.el6.i686 and the other has 2.6.32-754.18.2.el6.i686
Both have selinux, currently in permissive mode.
On both machines we have
2019 Mar 14
0
Re: Am I right to assume certificate renewal with the same filename requires a dovecot reload/restart
On Thu, Mar 14, 2019, at 11:33 AM, Yassine Chaouche via dovecot wrote:
> On 3/14/19 9:32 AM, Yassine Chaouche via dovecot wrote:
> > The general answere here is try and see, as you could totally test it
> > on your own. The certificate is read at startup and put in memory for
> > the rest of the execution time. Dovecot won't monitor the file for
> > changes on
2018 Sep 06
2
icecast ssl and letsencrypt renewal
Hi all,
I have setup icecast to work with letsencrypt ssl certificate, this works fine.
But now I am struggling a bit on how to renew the certificate every 3 months.
As per letsencrypt recommendation I run a cronjob to check for renewal every day,
problem is when there is a new certificate Icecast needs to be restarted to pick it up, as the certificate only seems to be loaded at startup of