Teh ForumLet's not encrypt

  

Press Ctrl+Enter to quickly submit your post
Quick Reply  
 
 
  
 From:  CHYRON (DSMITHHFX)    23 Sep 2019 19:27 
 To:  Manthorp      2 of 12 
42456.2 
You must've connected through a non-finicky browser?
“What Happens Next Will Shock You”
0/0
 Reply   Quote More 

 From:  CHYRON (DSMITHHFX)    24 Sep 2019 14:48 
 To:  ALL 3 of 12 
42456.3 
(I have a LE certificate on a work server, it has to be renewed every 60-days. supposedly there's a way to automate this process but for whatever reason I do it manually).
“What Happens Next Will Shock You”
0/0
 Reply   Quote More 

 From:  william (WILLIAMA)   24 Sep 2019 19:01 
 To:  CHYRON (DSMITHHFX)       4 of 12 
42456.4 In reply to 42456.3 
I use one on my OwnCloud server, but I think it's good for 2 years (or 3, I can't remember). Then I'll have to try to work out how to renew it. 
never trust a man in a blue trench coat, never drive a car when you're dead
0/0
 Reply   Quote More 

 From:  CHYRON (DSMITHHFX)    24 Sep 2019 20:49 
 To:  william (WILLIAMA)      5 of 12 
42456.5 In reply to 42456.4 
You paid for it right? 80 bucks a year here, Let's Encrypt ssl is free (which is probably why they have it expire so quickly)
“Some encounters with art merit an autopsy report more than a review.”
0/0
 Reply   Quote More 

 From:  william (WILLIAMA)   24 Sep 2019 20:59 
 To:  CHYRON (DSMITHHFX)       6 of 12 
42456.6 In reply to 42456.5 
Nope. As far as I remember it was free and it hangs off Certbot. The only time I had to do anything at all to it was when they stopped TLS-SNI-01 validation at the end of January (or February?). It lasts for a couple of years and then I have to ask nicely if I can do it all again.

 
never trust a man in a blue trench coat, never drive a car when you're dead
0/0
 Reply   Quote More 

 From:  CHYRON (DSMITHHFX)    24 Sep 2019 21:08 
 To:  william (WILLIAMA)      7 of 12 
42456.7 In reply to 42456.6 
Ah right, that's the automagic version that won't run on my Ubuntu 14.04 PPC server.   :'-( 

I guess 2-minutes attention every 60-days isn't too terrible.
“Some encounters with art merit an autopsy report more than a review.”
0/0
 Reply   Quote More 

 From:  Peter (BOUGHTONP)   24 Sep 2019 22:51 
 To:  CHYRON (DSMITHHFX)       8 of 12 
42456.8 In reply to 42456.3 
Automating the process on any standard LAMP server is a piece of piss, and Certbot documentation is easy to follow.

Doing it on a JVM server like Jetty is a pain, and the (usually helpful) Jetty devs wont help. In another month or so I'll find out if I've done enough.
0/0
 Reply   Quote More 

 From:  Peter (BOUGHTONP)   24 Sep 2019 23:05 
 To:  william (WILLIAMA)      9 of 12 
42456.9 In reply to 42456.6 
> It lasts for a couple of years

Then it's not Let's Encrypt - as per their FAQ:

"Our certificates are valid for 90 days. You can read about why here.

There is no way to adjust this, there are no exceptions. We recommend automatically renewing your certificates every 60 days."

However it could be you're using Certbot with another service - since the ISRG aren't idiots, they created a standardised protocol (ACME), and there are several other CAs that use it now.
0/0
 Reply   Quote More 

 From:  william (WILLIAMA)   24 Sep 2019 23:24 
 To:  Peter (BOUGHTONP)      10 of 12 
42456.10 In reply to 42456.9 
It's definitely Let's Encrypt with Certbot because I went and had a look through my emails when I saw this thread. But I can't even remember installing it all. And ACME does ring a bell. I suppose I should go and check before it all stops working. I do vaguely remember that there's a limit of around a couple of years before I have to reapply to use it - presumably as opposed to expiry.

Anyway, my more immediate concern is whether to update to the latest version of OwnCloud since they withdrew their nice simple upgrade script.
never trust a man in a blue trench coat, never drive a car when you're dead
0/0
 Reply   Quote More 

 From:  CHYRON (DSMITHHFX)    25 Sep 2019 00:51 
 To:  Peter (BOUGHTONP)      11 of 12 
42456.11 In reply to 42456.8 
" a piece of piss "

Not on my server (there are no certbot packages for it). The Let's Encrypt manual route is far, far simpler.
“Some encounters with art merit an autopsy report more than a review.”
0/0
 Reply   Quote More 

 From:  Manthorp   25 Sep 2019 08:30 
 To:  CHYRON (DSMITHHFX)       12 of 12 
42456.12 In reply to 42456.2 
Chrome Canary with Bitdefender chucking up dark warnings, but letting me through all the same.
"We all have flaws, and mine is being wicked."
James Thurber, The Thirteen Clocks 1951
 
0/0
 Reply   Quote More 

Reply to All    
 

1–12

Rate my interest:

Adjust text size : Smaller 10 Larger

Beehive Forum 1.5.2 |  FAQ |  Docs |  Support |  Donate! ©2002 - 2024 Project Beehive Forum

Forum Stats