In <list-11322461@2rosenthals.com>, on 12/06/24
at 09:32 PM, "Peter Moylan" <ecs-isp@2rosenthals.com> said:
Hi Peter,
>Looking at the Let's Encrypt web site suggests that I need Certbot,
>except that they don't have an OS/2 version.
Certbot is a nice package, but as you noticed it's not not been ported.
>Or
>is there another route? If need be, I could probably port this myself.
Dan and I are using Paul's uacme port along with a uacme-hook.cmd REXX
script that I built based on the uacme.sh that shipped with the uacme
distro. The resulting certs work just fine. See dnacih.com, cih.bz and
the other dozen or so sites Dan manages.
A couple of the sites are dual homed, which need a bit of extra care in
the hook script, but it's just code.
>I must admit I'm a little nervous about the whole process, given the
>difficulties that Massimo seems to have run into; but maybe his issue is
>specific to Apache.
Massimo had problems for various reasons. Some were because he started
with an antique uacme port. He was the first to try to use the port with
more than a couple of certs. Once the issues were identified Paul
generated a new port which performs well.
Others were, IMO, because of Massimo's work style. My style is to write a
hook script that works for all sites. His is to maintain a hook script
for every site. I have one script to maintain and enhance. He has
dozens. The same may be true for his renewal script. I have a
uacme-renew.cmd REXX script that handles all the domains via a
configuration file.
IAC, you are welcome to current copies of the scripts Dan and I use, if
you want to give them a try. Working versions have been posted to the
list while we were working with Massimo.
Tillbaks till lista