Re: certbot

Reply: Souji Thenria: "Re: certbot"
In reply to: John Levine: "Re: certbot"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: paul beard <paulbeard_at_gmail.com>
Date: Sat, 20 Apr 2024 21:29:01 UTC

The meta question for me and perhaps others running FreeBSD 13 is what
changed and how do we prepare for it if we expect to run certbot in FreeBSD
14? I run it as I always have, since release 11 or so.

00 00 * * Sun   python -c 'import random; import time;
time.sleep(random.random() * 3600)' && /usr/local/bin/certbot renew
--renew-hook 'service nginx reload'

Will I need to change that? Do the folks at EFF know/have they documented
what changed and how to manage it?

On Sat, Apr 20, 2024 at 8:35 AM John Levine <johnl@iecc.com> wrote:

> It appears that Gerard E. Seibert <jerry@seibercom.net,
> questions@freebsd.org> said:
> >If I run the command from the command line, it works as expected. I did
> >place the following in the environment: CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1
>
> >I still do not understand why this error only happens from CRON.
>
> Most likely because that variable is not there. Cron uses a standard
> rather sparse environment.  See "man 5 crontab".
>
> In this case rather than messing with the script, just set the
> variable on the command line in the crontab, e.g.
>
> 0 1 * * * CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1 certbot ...
>
> R's,
> John
>
>
>

-- 
Paul Beard / www.paulbeard.org/