From nobody Sat Apr 20 19:59:06 2024
X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VMMlv3zxTz5JMfg
	for <freebsd-questions@mlmmj.nyi.freebsd.org>; Sat, 20 Apr 2024 19:59:07 +0000 (UTC)
	(envelope-from des@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4VMMlv3TSGz4S4l;
	Sat, 20 Apr 2024 19:59:07 +0000 (UTC)
	(envelope-from des@freebsd.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1713643147;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=ph0sZDE2ZUelDKKud0YXZc5C8RWRJ//e1/J0d6wddRQ=;
	b=RdhISJjgexLVLoW5bN16N6Ea4/134AzrJDE/+S2cy7a3xJF+Guzbo+XRzpq2Ar56GhlnBT
	p9hoo/OxfW87lnV0MFEI0aDoWEScF3b/fQnF6ATvU6c49KlXJuT+o5zvaSnndO7TKRCwzv
	tXIaZEjguiUV+2fjrWsWkZ7H0+UxtEUtVZ/A4rYh8I103Fe9JzZnKokWKVCnBHZpsg2uz6
	LZZF/XFQ8xYAOnMuN5sK6+x1r/pQzp27GNWZN/Ua5k8teyBdhXrVoF2t2Vw6P2PgfilMsv
	SNLGUF7LpTFY01Uzj0PfJ0gYD46WoXz/YWH5u+/xKOCjvrz8+jvF4Agmen8waw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1713643147; a=rsa-sha256; cv=none;
	b=el8iUf7gFDQ0BhHdFQLRYbc+uhPccLc9KOZn6K++7bwIZOJB9Fzha9SANwZ7WUj5IfRwx3
	hhfX9T+ZpJbty7UKR+gyn5T/1b4IBrDWbIQ9C5ydnYJDba86NAOGPMCvjjGdcXKioMTaF7
	hnh2+x3CpfpqehXxIpenZn/16D98G64oNaJR+n3Cl2q23qiZ8q+dHqP2+XjWObqP6+go8d
	BCfC1PedTf/85mOqwWUQ0Ez7XHLSTH631AyfF39SZ5GjPe3XDw8P2ivaKwPE0L2chVG3bT
	sWX/8iwKB2fzCeycLBxovA1g++QQPGEfaaRgpwS4nps7DqmRXhwRg+2rrXL80w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1713643147;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=ph0sZDE2ZUelDKKud0YXZc5C8RWRJ//e1/J0d6wddRQ=;
	b=l40D58xBQvecVbmiMFjsVrljDt/YVn1Fwoe/o123rn14ZftkKPZxoqUwjwqEpPqqM7nuvh
	kjS1MLXQn+TW8fsKqGo9SCArVGkQkZgUpPb1yaK0j/ok58ukTkBVVDQMmRMKBaRF7VAk2b
	2VVtAkZBgbyd38YqkCESAajExuqMXihOTKa5OD3suxRx0LDwB75AazCM+4o8fbKtVbrfAs
	oewkL0l9S484kiVV6znTgyMyLFeTq7wmCNLhlpnEwC1QeejgI2Tj7Fz+6+RrNJRqIOuEtR
	sMdgAA1ZINww2UfxDankg0NCFm7jRNM9J5ZrBswSesI7hbXJrF41Ad3mOl1r3A==
Received: from ltc.des.dev (2a02-8428-0993-f001-922e-16ff-fef1-acef.rev.sfr.net [IPv6:2a02:8428:993:f001:922e:16ff:fef1:acef])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	(Authenticated sender: des)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4VMMlv2GyVzFB1;
	Sat, 20 Apr 2024 19:59:07 +0000 (UTC)
	(envelope-from des@freebsd.org)
Received: by ltc.des.dev (Postfix, from userid 1001)
	id 3E85F1F097; Sat, 20 Apr 2024 21:59:06 +0200 (CEST)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@FreeBSD.org>
To: "John Levine" <johnl@iecc.com>
Cc: freebsd-questions@freebsd.org,  jerry@seibercom.net
Subject: Re: certbot
In-Reply-To: <20240420153432.671268909CE2@ary.qy> (John Levine's message of
	"20 Apr 2024 11:34:31 -0400")
References: <20240420153432.671268909CE2@ary.qy>
User-Agent: Gnus/5.13 (Gnus v5.13)
Date: Sat, 20 Apr 2024 21:59:06 +0200
Message-ID: <86h6fvajqt.fsf@ltc.des.dev>
List-Id: User questions <freebsd-questions.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-questions
List-Help: <mailto:questions+help@freebsd.org>
List-Post: <mailto:questions@freebsd.org>
List-Subscribe: <mailto:questions+subscribe@freebsd.org>
List-Unsubscribe: <mailto:questions+unsubscribe@freebsd.org>
X-BeenThere: freebsd-questions@freebsd.org
Sender: owner-freebsd-questions@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

"John Levine" <johnl@iecc.com> writes:
> Gerard E. Seibert <jerry@seibercom.net, questions@freebsd.org> writes:
> > If I run the command from the command line, it works as expected. I did
> > place the following in the environment: CRYPTOGRAPHY_OPENSSL_NO_LEGACY=
=3D1
> > I still do not understand why this error only happens from CRON.
>
> Most likely because that variable is not there. Cron uses a standard
> rather sparse environment.  See "man 5 crontab".
>
> In this case rather than messing with the script, just set the
> variable on the command line in the crontab, e.g.
>
> 0 1 * * * CRYPTOGRAPHY_OPENSSL_NO_LEGACY=3D1 certbot ...

Even simpler:

CRYPTOGRAPHY_OPENSSL_NO_LEGACY=3D1=20
@daily certbot renew --apache

put this in, say, /etc/cron.d/certbot.

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@FreeBSD.org