py37-certbot question
Daniel Lysfjord
lysfjord.daniel at smokepit.net
Thu Sep 10 22:21:41 UTC 2020
"Valeri Galtsev" <galtsev at kicp.uchicago.edu> skrev 10. september 2020 kl. 23:48:
> Dear Experts,
>
> I hope, someone knows details of python3 based certbot. Namely, if run with "update" command, it
> updated certificates that will expire "soon". How soon, it doesn't say in man page, just soon. Does
> someone know how close to expiration cert should be to be considered by the script for renewal.
https://certbot.eff.org/docs/using.html#renewing-certificates
Tells me 30 days:)
>
> I use certbot since its python 2 version - for quite some time actually to renew LetsEncrypt
> certificates. With python2 version in the past I run cron job daily and I was restarting apache
> from that same script if certificate was updated. With python3 version when I switched to it I
> followed somebody's HOWTO, and just added to /etc/periodic.conf:
>
> weekly_certbot_enable="YES"
> weekly_certbot_service="apache24"
>
> And was living happily ever since. However, one of the machines is about 4 days before expiration,
> Letsencrypt sent me notification: update cert. I checked, and crond is runnning, /etc/periodic.conf
> is as expected, and now, 4 days before expiration script (with --dry run flag) indeed goes about
> renewing the cert. There is one weekly cron jobs set that will happen before actual expiration of
> my certs, so I somehow think all is OK and my cert will be renewed.
>
> But I am just curios how many days before expiration certbot does renew certificate that will
> expire "soon".
>
> Or should I probably switch it over to daily cron job?
>
> As every lazy sysadmin, I do prefer to set things up so they definitely work without my attention.
> And I do not want to be reminded to do something it it will still happen on its own. So, switch to
> daily cron job?
>
> Thanks.
> Valeri
>
> -- ++++++++++++++++++++++++++++++++++++++++
> Valeri Galtsev
> Sr System Administrator
> Department of Astronomy and Astrophysics
> Kavli Institute for Cosmological Physics
> University of Chicago
> Phone: 773-702-4247
> ++++++++++++++++++++++++++++++++++++++++
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list