[PLUG] Favorite Certificate Authorities

chris (fool) mccraw gently at gmail.com
Wed Sep 5 22:24:08 UTC 2018 

I can confirm both of Louis' comments:

- you can run it daily and it doesn't abuse their server or change the
certificate until <30 days remain.  That's the setup I use daily in cron,
but shown here from the command line:

# letsencrypt renew
Processing /etc/letsencrypt/renewal/www.q42.me.conf
Processing /etc/letsencrypt/renewal/supportfolio.com.conf

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/www.q42.me/fullchain.pem (skipped)
  /etc/letsencrypt/live/supportfolio.com/fullchain.pem (skipped)
No renewals were attempted.

- my server had the problem that it didn't trigger a webserver restart
until I updated the cron script to also restart apache.

On Wed, Sep 5, 2018 at 3:13 PM Louis Kowolowski <louisk at cryptomonkeys.org>
wrote:

> I believe that you can run the renew frequently and it won't actually
> renew until the time is right. Something like daily/weekly cron.
>
> Also, you want to make sure that when you renew, that it triggers a reload
> for your web server. Otherwise the new cert won't be picked up and you'll
> be frustrated.
>
>
> > On Sep 5, 2018, at 4:35 PM, Paul Heinlein <heinlein at madboa.com> wrote:
> >
> > On Wed, 5 Sep 2018, Tomas Kuchta (and several others) wrote:
> >
> >> LetsEncrypt.org
> >
> > Thanks to everyone who chimed in! The setup for LetsEncrypt was pretty
> easy using certbot, so I've installed a new key/cert/chain and will try
> living with it for a while.
> >
> > Supposedly it will be eligible for renewal in early November, so I've
> added a "certbot renew" cron job to my server and added an item about
> checking my certificate to my to-do list around then.
> >
> > --
> > Paul Heinlein
> > heinlein at madboa.com
> > 45°38' N, 122°6' W_______________________________________________
> > PLUG mailing list
> > PLUG at pdxlinux.org
> > http://lists.pdxlinux.org/mailman/listinfo/plug
>
> --
> Louis Kowolowski                                louisk at cryptomonkeys.org
> Cryptomonkeys:
> http://www.cryptomonkeys.com/
>
> Making life more interesting for people since 1977
>
> _______________________________________________
> PLUG mailing list
> PLUG at pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>

More information about the PLUG mailing list