similar to: How do Cerbot files map to Dovecot?

On Thu, 12 Nov 2020, Raymond Herrera wrote: > I am postponing the Apache plugin issue (CentOS is not Certbot friendly) and For the record, certbot works just fine on CentOS. It just requires that you understand how things work. :-) The plugin which you seek is called python2-certbot-apache.noarch. You can see all of the available plugins on CentOS 7 by running the following: yum list

Following the advice obtained here, I am trying to get a LetsEncrypt certificate. These are the instructions: Step 1: https://snapcraft.io/docs/installing-snapd Step 2: https://certbot.eff.org/lets-encrypt/centosrhel7-apache My problem is this error message: # snap install --classic certbot error: system does not fully support snapd: cannot mount squashfs image using "squashfs":

Could you write step by step how you reach the goal? 2018-02-22 15:55 GMT+01:00 Gabriel Kaufmann <mailings at typoworx.com>: > I've tried to create an certbot SAN-Cert with multiple domain-names and > this worked like a charm using one cert for all! Thanks! > > > Best regards > > Gabriel Kaufmann > > -- *Pozdrawiam / Best Regards* *Piotr Bracha*

On 11/12/2020 10:44 AM, Raymond Herrera wrote: > Following the advice obtained here, I am trying to get a LetsEncrypt > certificate. > > These are the instructions: > > Step 1: > https://snapcraft.io/docs/installing-snapd > > Step 2: > https://certbot.eff.org/lets-encrypt/centosrhel7-apache > > My problem is this error message: > > # snap install

Hello fellow CentOS users, I had this cronjob working for many moons on CentOS 7.8.2003: #minute hour mday month wday command 6 6 * * 1 certbot renew --post-hook "cat /etc/letsencrypt/live/raspasy.de/fullchain.pem /etc/letsencrypt/live/ raspasy.de/privkey.pem > /etc/letsencrypt/live/raspasy.de/haproxy.pem; systemctl resstart

That is good to know. I was working on the wrong assumption, attempting to create a client certificate on the Windows/Thunderbird side. I am using the SSL Certificate that comes with the distribution, so the conclusion is Thunderbird does not trust it. I have this in my notes from ages ago, for generating my own self-signed certificate: % openssl req -x509 -newkey rsa:4096 -sha256 -keyout

<master at remort.net> writes: > "writing a script to check the certs" - there is no need to write any > scripts. As one mentioned, it's done by a hook to certbot. Please read > the manuals for LE or certbot. The issue you have is quite common and > of course certbot designed to do it for you. Won't work, of course, if you employ the least-privilege security

On Tue, 12 Sep 2017, dovecot-request at dovecot.org wrote: > What's wrong with using a certbot "post-hook" script such as: > > #!/bin/bash > echo "Letsencrypt renewal hook running..." > echo "RENEWED_DOMAINS=$RENEWED_DOMAINS" > echo "RENEWED_LINEAGE=$RENEWED_LINEAGE" > > if grep --quiet "your.email.domain" <<<

On Mon, Apr 02, 2018 at 02:34:34PM +0200, Gedalya wrote: > On 04/02/2018 02:25 PM, Jeff Abrahamson wrote: > > I see that the file > > > > .well-known/acme-challenge/IT7-YURAep4bniD9zYpKpdRUBQcgCRJ6FflmZzWQGNg > > > > is being created (and one other file, too) but that nginx reports that > > the _directory_ > > > >

Hello, Thanks. Is there another way of doing this? I've got a web server running on 80 and 443. Are there any other options? Thanks. Dave. On 3/3/17, Michael Neurohr <mine at michi.su> wrote: > On 2017-03-03 19:07, David Mehler wrote: >> Hello, >> >> I know some users here are using letsencrypt for their CA. If this is >> to off topic write me privately.

Yup, that did the trick. Thanks! Filipe On 1/10/19 7:47 AM, Aki Tuomi wrote: > > > On 10.1.2019 9.42, Filipe Carvalho wrote: >> >> Hello, >> >> Not sure if this is the right place to post this, but the ssl >> certificate of the repo.dovecot.org server expired on the 9th of January. >> >> It's giving an error via the browser and via the apt

Aki hello, thank you. Hopefully excerpts and top posting are acceptable in the mailing list?? On that assumption: Thanks for the input. I've checked out your suggestions (details below) but unfortunately no joy. I also restored my backup 10-ssl.conf. It indeed has the "<" sign with a space before the explicit paths to the files: ? ? ssl_cert =

Install letsencrypt and request a certificate specifying the webroot of your Icecast server and the host.domain: certbot-auto certonly --webroot --webroot-path /usr/share/icecast2/web/ -d icecast.domain.name Now you should have a certificate for your server, it's only in the wrong format for Icecast, copy the key and the certificate to 1 file with the following cmd: cat

> On Oct 5, 2020, at 7:04 AM, Alexander Farber <alexander.farber at gmail.com> wrote: > > Hello fellow CentOS users, > > I had this cronjob working for many moons on CentOS 7.8.2003: > > #minute hour mday month wday command > 6 6 * * 1 certbot renew --post-hook > "cat

Hi All - I am running CentOS 7.5 and trying to use certbot. I am getting an error 403 forbidden on the /.well-known/acme-challenge/-CG_gSckofY5ln7TdMvoanDI1_FBRh8otQkyB0hxmoo Some searching indicated permission problems... I also noticed that the /var/www/html directory does not even have the .well-known directory in it. The /var/www/html directory was root:root I changed it to root:apache

> I have to say I'm totally baffled since I do nothing when LetsEncrypt renews the certificate. > > I know the cert has been updated because the mail clients asks me if I trust the certificate. > > If it makes a difference I use the bash LetsEncrypt not the Python code. I don't like all those dependencies certbot (python) installs, but it works flawlessly on CentOS. On

That’s what I have been looking for, thanks ! From: Icecast [mailto:icecast-bounces at xiph.org] On Behalf Of Tycho Eggen Sent: donderdag 6 september 2018 22:21 To: Icecast streaming server user discussions Subject: Re: [Icecast] icecast ssl and letsencrypt renewal You can add a posthook to your certbot cronjob: certbot renew —post-hook “/etc/init.d/icecast restart” Or however you restart

Not directly an answer to your question, but we had so many problems with the certbot in different constellations, that we moved to https://github.com/acmesh-official/acme.sh which works just fine basically everywhere cheers Soeren ?On 05.10.20, 15:18, "CentOS on behalf of Alexander Farber" <centos-bounces at centos.org on behalf of alexander.farber at gmail.com> wrote:

Problem: We had Dovecot v2.2 working just fine under openSUSE Leap 42.3. But we upgraded openSUSE to Leap 15.0. In the process, Dovecot got upgraded from 2.2 to 2.3.1. It no longer works and I haven't figured out how to downgrade to the older working version. The key issue seems to be the change to requiring dh.pem and changing s sl_protocols to ssl_min_protocols.?I think I've navigated

I'm handling mail for several domains, let's call them a.com, b.com, and c.com. I have certificates for each of these domains individually via certbot (letsencrypt) and nginx is happy with all of that. Since I initially configured the site to handle mail only for a.com, my /etc/postfix/main.cf file currently has these two lines: smtpd_tls_cert_file =