[ALUG] StartCom Class 1 DV Server CA
Tim Schofield
tim.schofield1960 at gmail.com
Fri Mar 10 10:26:48 EAT 2017
I perhaps should have mentioned that the line:
cd /path/to/letsencrypt
should be altered to be the path to the directory where you have the
letsencrypt executables.
Thanks
Tim
On 10 March 2017 at 05:45, Hamisi Jabe via Linux
<linux at mail.habari.co.tz> wrote:
> Hallow TIm,
>
> As i was asking previously in regards to the bash script
>
> #!/bin/bash
> /etc/init.d/apache2 stop
> cd /path/to/letsencrypt
> ./letsencrypt-auto renew (Any changes needs to be done here? ) in my ssl
> directory i have two files like example.key and example.crt files
> /etc/init.d/apache2 start
>
>
> So after i changed my web server to apache2 and pointed to my ssl directory,
> i tried to execute the script and i get the below results.
>
> #bash sslrenew
> [ ok ] Stopping apache2 (via systemctl): apache2.service.
> sslrenew: line 4: ./letsencrypt-auto: No such file or directory
> [ ok ] Starting apache2 (via systemctl): apache2.service.
>
>
> Thanks
>
>
>
> On 09/03/2017 10:20 alasiri, Tim Schofield via Linux wrote:
>
> Hi Andreas does the renew script now run when the Web server is running?
> When I wrote the script a while back the renew script wouldn't run if nginx
> was up. That's why I stop it first and then start it after.
> Weekly is probably too often but for my purposes ok. I have a number of
> certificates that all renew at different times.
>
> Tim
>
> Course View Towers,
> Plot 21 Yusuf Lule Road,
> Kampala
> T +256 (0) 312 314 418
> M +256 (0) 752 963 325
> www.weberpafrica.com
> Twitter: @TimSchofield2
> Blog: http://weberpafrica.blogspot.co.uk
>
> On 9 Mar 2017 6:08 p.m., "Andreas Tauscher via Linux"
> <linux at mail.habari.co.tz> wrote:
>>
>> With a little change in the order:
>> First renewing the certificate and then reloading webserver.
>> Reducing the downtime to nearly not recognisable.
>> I renew my letsencrypt certificates every two months. Weekly is really not
>> needed.
>> For certificates used with DANE or key pinning hey are dumped in a
>> separate directory and another cron job is rotating the DNS records and
>> pinning headers before changing them really.
>> All a little bit bash and perl-fu
>>
>> Am 9. März 2017 20:32:43 GMT+03:00 schrieb Tim Schofield via Linux
>> <linux at mail.habari.co.tz>:
>> >I have a simple bash script that stops the web server (nginx in my
>> >case), runs that command I posted in my previous post and then
>> >restarts the web server:
>> >
>> >#!/bin/bash
>> >/etc/init.d/nginx stop
>> >cd /path/to/letsencrypt
>> >./letsencrypt-auto renew
>> >/etc/init.d/nginx start
>> >
>> >
>> >I run this once a week from cron and it just updates all of my
>> >certificates automatically. The stopping and starting the web server
>> >is a pain but that is all, and it is only down for a second or two
>> >once a week so for my purposes that is fine.
>> >
>> >Tim
>> >
>> >On 9 March 2017 at 16:52, <administrator at banana.co.tz> wrote:
>> >> Dear Tim,
>> >>
>> >>
>> >>
>> >> More details on the autorenew process please
>> >>
>> >>
>> >>
>> >> Thanks
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> Sent from my Windows 10 phone
>> >>
>> >>
>> >>
>> >> From: Tim Schofield
>> >> Sent: Thursday, March 9, 2017 18:24
>> >> To: Linux Users in Arusha
>> >> Cc: Kevin Chege; Linux Users in Arusha; Hamisi Jabe
>> >> Subject: Re: [ALUG] StartCom Class 1 DV Server CA
>> >>
>> >>
>> >>
>> >> On 9 March 2017 at 15:09, Hamisi Jabe via Linux
>> ><linux at mail.habari.co.tz>
>> >> wrote:
>> >>
>> >>
>> >>
>> >>>
>> >>
>> >>> Anyway is there any autorenewal of the letsencrypt certificates?
>> >>
>> >>>
>> >>
>> >>>
>> >>
>> >>
>> >>
>> >> Yes there is. Just issue the command:
>> >>
>> >>
>> >>
>> >> letsencrypt-auto renew
>> >>
>> >>
>> >>
>> >> via a cron script.
>> >>
>> >>
>> >>
>> >> Tim
>> >>
>> >>
>> >
>> >
>> >
>> >--
>> >Course View Towers,
>> >Plot 21 Yusuf Lule Road,
>> >Kampala
>> >T +256 (0) 312 314 418
>> >M +256 (0) 752 963 325
>> >www.weberpafrica.com
>> >Twitter: @TimSchofield2
>> >Blog: http://weberpafrica.blogspot.co.uk/
>> >_______________________________________________
>> >The Arusha Linux User Group: http://unix.or.tz
>> >Linux mailing list
>> >Linux at mail.habari.co.tz
>> >https://mail.habari.co.tz/cgi-bin/mailman/listinfo/linux
>> >
>> >The Arusha LUG mailing list is generously hosted by Habari Node Ltd:
>> >http://www.habari.co.tz/
>> >
>> >The above comments and data are owned by whoever posted them (including
>> >attachments if any). The mailing list host is not responsible for them
>> >in any way.
>>
>> --
>> Sent from my Android device with K-9 Mail. Please excuse my brevity.
>> _______________________________________________
>> The Arusha Linux User Group: http://unix.or.tz
>> Linux mailing list
>> Linux at mail.habari.co.tz
>> https://mail.habari.co.tz/cgi-bin/mailman/listinfo/linux
>>
>> The Arusha LUG mailing list is generously hosted by Habari Node Ltd:
>> http://www.habari.co.tz/
>>
>> The above comments and data are owned by whoever posted them (including
>> attachments if any). The mailing list host is not responsible for them in
>> any way.
>
>
>
> _______________________________________________
> The Arusha Linux User Group: http://unix.or.tz
> Linux mailing list
> Linux at mail.habari.co.tz
> https://mail.habari.co.tz/cgi-bin/mailman/listinfo/linux
>
> The Arusha LUG mailing list is generously hosted by Habari Node Ltd:
> http://www.habari.co.tz/
>
> The above comments and data are owned by whoever posted them (including
> attachments if any). The mailing list host is not responsible for them in
> any way.
>
>
>
> _______________________________________________
> The Arusha Linux User Group: http://unix.or.tz
> Linux mailing list
> Linux at mail.habari.co.tz
> https://mail.habari.co.tz/cgi-bin/mailman/listinfo/linux
>
> The Arusha LUG mailing list is generously hosted by Habari Node Ltd:
> http://www.habari.co.tz/
>
> The above comments and data are owned by whoever posted them (including
> attachments if any). The mailing list host is not responsible for them in
> any way.
--
Course View Towers,
Plot 21 Yusuf Lule Road,
Kampala
T +256 (0) 312 314 418
M +256 (0) 752 963 325
www.weberpafrica.com
Twitter: @TimSchofield2
Blog: http://weberpafrica.blogspot.co.uk/
More information about the Linux
mailing list