Date: Sun, 7 Mar 2021 18:31:14 +0100 From: freebsd@boosten.org To: freebsd-questions <freebsd-questions@freebsd.org> Cc: David Mehler <dave.mehler@gmail.com> Subject: Re: acme.sh issue, cert date invalid, but no errors from letsencrypt Message-ID: <B2F8BED8-A9E0-4C76-86D4-5CF1A6BB8CE8@boosten.org> In-Reply-To: <CAPORhP6ymOn18r6HGDxGaE8p=cZi19=KQ=FaYcbPXdyKvG3Wnw@mail.gmail.com> References: <CAPORhP6xi2Kf7iQ8BxQNeezycGHOw%2BnSqn6x9hX8mz-wzjakLQ@mail.gmail.com> <B6837972-3357-4469-88EE-F832D7967924@boosten.org> <CAOyJeZSqOsPh2naOB7or7be1MNvzB=aR1WiUhzjf7pkMHv4KfA@mail.gmail.com> <CAPORhP6ymOn18r6HGDxGaE8p=cZi19=KQ=FaYcbPXdyKvG3Wnw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Op 7 mrt. 2021, om 17:48 heeft David Mehler <dave.mehler@gmail.com> =
het volgende geschreven:
>=20
> I've also looked at the file creation date they're the new certs
> issued yesterday, but checking them with openssl shows as I said the
> not after november 2020 date.
>=20
> Suggestions welcome.
So let=E2=80=99s retrace everything. I=E2=80=99ve been looking at my =
setup.
I check by cron if new certs are available, daily. If acme.sh finds new =
certs, in puts them in
/var/db/acme/certs/<domain.tld>/
There are now other directories in there, it always overwrites old ones =
with new ones.=20
I then use Dan Langille=E2=80=99s anvil-port to pull them to my jails =
(sent-puller, also by cron), where they are stored in=20
/usr/local/etc/ssl of that jail.
After putting them there, cert-puller automatically restarts the =
service(s) that rely on the certs. Of course, all my applications point =
to those certs.
Please describe your setup.
Peter
=E2=80=94
It never hurts to help=20
- Eek the Cat!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B2F8BED8-A9E0-4C76-86D4-5CF1A6BB8CE8>