From: "Steven Levine" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTP id 11322987 for ecs-isp@2rosenthals.com; Fri, 06 Dec 2024 14:32:59 -0500 Received: from secmgr-va.2rosenthals.com ([50.73.8.217]:60406 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.97.1) (envelope-from ) id 1tJe4I-000000008EM-15Ll for ecs-isp@2rosenthals.com; Fri, 06 Dec 2024 14:32:50 -0500 Received: from mta-201b.earthlink-vadesecure.net ([51.81.229.181]:43169 helo=mta-201a.earthlink-vadesecure.net) by mail2.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.97.1) (envelope-from ) id 1tJe47-000000004nH-21MX for ecs-isp@2rosenthals.com; Fri, 06 Dec 2024 14:32:40 -0500 DKIM-Signature: v=1; a=rsa-sha256; bh=mHueegmD9MzEdjFHIE2BUIn+qzDcNS8xJ8jnVW q6KdQ=; c=relaxed/relaxed; d=earthlink.net; h=from:reply-to:subject: date:to:cc:resent-date:resent-from:resent-to:resent-cc:in-reply-to: references:list-id:list-help:list-unsubscribe:list-unsubscribe-post: list-subscribe:list-post:list-owner:list-archive; q=dns/txt; s=dk12062016; t=1733513558; x=1734118358; b=Qwpb/jm4FXl1kdd+okESfwyLtGC IaaJyyScpMYiFgWymu/kNijmeQNs3HgCGrlqHlgqBPOzze/OLP5x6UuUbLcpLNyu0Zz23K1 4EDgOgWDOg/LYG68/dwftWOzSOyPSBtBcYi8PsKcTm2mjodHUN97zVK+E0/BQZ7MPTIDyPV QAzFRuC34zfM5bS0uIR+G1Ib5u5WC+RRp1Umy7Hf5yilcTs0YymOBIdRQtAHF904q+vs4Rm c9fhIeetkh1w182wlVcTs4jCQTuQENU3aGu+wQc3XVnjJuOTZPrscxgERhs5fDV0FbbLb2G k30PjzCzF0LWlcKcST4iV2evhVoe+qg== Received: from slamain ([172.56.178.196]) by vsel2nmtao01p.internal.vadesecure.com with ngmta id 795a847f-180ead659e4bbed8; Fri, 06 Dec 2024 19:32:38 +0000 Message-ID: <67534c7f.29.mr2ice.fgrirsq@earthlink.net> Date: Fri, 06 Dec 2024 11:11:59 -0800 To: "eCS ISP Mailing List" In-Reply-To: Subject: Re: [eCS-ISP] Getting started with Let's Encrypt X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v3.00.11.24/60 In , on 12/06/24 at 09:32 PM, "Peter Moylan" said: Hi Peter, >Looking at the Let's Encrypt web site suggests that I need Certbot, >except that they don't have an OS/2 version. Certbot is a nice package, but as you noticed it's not not been ported. >Or >is there another route? If need be, I could probably port this myself. Dan and I are using Paul's uacme port along with a uacme-hook.cmd REXX script that I built based on the uacme.sh that shipped with the uacme distro. The resulting certs work just fine. See dnacih.com, cih.bz and the other dozen or so sites Dan manages. A couple of the sites are dual homed, which need a bit of extra care in the hook script, but it's just code. >I must admit I'm a little nervous about the whole process, given the >difficulties that Massimo seems to have run into; but maybe his issue is >specific to Apache. Massimo had problems for various reasons. Some were because he started with an antique uacme port. He was the first to try to use the port with more than a couple of certs. Once the issues were identified Paul generated a new port which performs well. Others were, IMO, because of Massimo's work style. My style is to write a hook script that works for all sites. His is to maintain a hook script for every site. I have one script to maintain and enhance. He has dozens. The same may be true for his renewal script. I have a uacme-renew.cmd REXX script that handles all the domains via a configuration file. IAC, you are welcome to current copies of the scripts Dan and I use, if you want to give them a try. Working versions have been posted to the list while we were working with Massimo. Steven -- ---------------------------------------------------------------------- "Steven Levine" Warp/DIY/BlueLion etc. www.scoug.com www.arcanoae.com www.warpcave.com ----------------------------------------------------------------------