From: "Peter Moylan" <ecs-isp@2rosenthals.com>
Received: from [192.168.100.201] (HELO mail.2rosenthals.com)
  by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10)
  with ESMTP id 11323399 for ecs-isp@2rosenthals.com; Fri, 06 Dec 2024 21:16:49 -0500
Received: from secmgr-va.2rosenthals.com ([50.73.8.217]:33730 helo=mail2.2rosenthals.com)
	by mail.2rosenthals.com with esmtps  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.97.1)
	(envelope-from <peter@pmoylan.org>)
	id 1tJkN6-0000000020G-1MkP
	for ecs-isp@2rosenthals.com;
	Fri, 06 Dec 2024 21:16:41 -0500
Received: from pmoylan.org ([144.6.37.71]:55806 helo=mail.pmoylan.org)
	by mail2.2rosenthals.com with esmtp (Exim 4.97.1)
	(envelope-from <peter@pmoylan.org>)
	id 1tJkN1-000000001cg-0bWk
	for ecs-isp@2rosenthals.com;
	Fri, 06 Dec 2024 21:16:36 -0500
X-SASI-Hits: BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_ENDS_IN_URL 0.000000,
	BODY_SIZE_1500_1599 0.000000, BODY_SIZE_2000_LESS 0.000000,
	BODY_SIZE_5000_LESS 0.000000, BODY_SIZE_7000_LESS 0.000000,
	CTE_7BIT 0.000000, DKIM_ALIGNS 0.000000, DKIM_SIGNATURE 0.000000,
	HTML_00_01 0.050000, HTML_00_10 0.050000, IN_REP_TO 0.000000,
	KNOWN_MSGID 0.000000, LEGITIMATE_SIGNS 0.000000, MSG_THREAD 0.000000,
	NO_URI_HTTPS 0.000000, REFERENCES 0.000000, SENDER_NO_AUTH 0.000000,
	SINGLE_URI_IN_BODY 0.000000, SUSP_DH_NEG 0.000000, TO_IN_SUBJECT 0.500000,
	USER_AGENT 0.000000, __ANY_URI 0.000000, __BODY_NO_MAILTO 0.000000,
	__BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000,
	__COURIER_PHRASE 0.000000, __CP_URI_IN_BODY 0.000000, __CT 0.000000,
	__CTE 0.000000, __CT_TEXT_PLAIN 0.000000, __DKIM_ALIGNS_1 0.000000,
	__DKIM_ALIGNS_2 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000,
	__DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000, __FRAUD_URGENCY 0.000000,
	__FUR_HEADER 0.000000, __HAS_FROM 0.000000, __HAS_MSGID 0.000000,
	__HAS_REFERENCES 0.000000, __HEADER_ORDER_FROM 0.000000,
	__IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000, __MIME_BOUND_CHARSET 0.000000,
	__MIME_TEXT_ONLY 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000,
	__MIME_VERSION 0.000000, __MOZILLA_MSGID 0.000000,
	__MOZILLA_USER_AGENT 0.000000, __NO_HTML_TAG_RAW 0.000000,
	__RCVD_FROM_DOMAIN 0.000000, __REFERENCES 0.000000, __SANE_MSGID 0.000000,
	__SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000,
	__SCAN_D_NEG_HEUR2 0.000000, __SINGLE_URI_TEXT 0.000000,
	__SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_NEGATE 0.000000,
	__SUBJ_REPLY 0.000000, __TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000,
	__TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000,
	__TO_REAL_NAMES 0.000000, __URI_IN_BODY 0.000000, __URI_MAILTO 0.000000,
	__URI_NOT_IMG 0.000000, __URI_NO_PATH 0.000000, __URI_NS 0.000000,
	__URI_WITHOUT_PATH 0.000000, __USER_AGENT 0.000000
X-SASI-Probability: 9%
X-SASI-RCODE: 200
X-SASI-Version: Antispam-Engine: 5.1.4, AntispamData: 2024.12.7.5146
X-SASI-Hits: BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_ENDS_IN_URL 0.000000,
	BODY_SIZE_1500_1599 0.000000, BODY_SIZE_2000_LESS 0.000000,
	BODY_SIZE_5000_LESS 0.000000, BODY_SIZE_7000_LESS 0.000000,
	CTE_7BIT 0.000000, DKIM_ALIGNS 0.000000, DKIM_SIGNATURE 0.000000,
	HTML_00_01 0.050000, HTML_00_10 0.050000, IN_REP_TO 0.000000,
	KNOWN_MSGID 0.000000, LEGITIMATE_SIGNS 0.000000, MSG_THREAD 0.000000,
	NO_URI_HTTPS 0.000000, REFERENCES 0.000000, SENDER_NO_AUTH 0.000000,
	SINGLE_URI_IN_BODY 0.000000, SUSP_DH_NEG 0.000000, TO_IN_SUBJECT 0.500000,
	USER_AGENT 0.000000, __ANY_URI 0.000000, __BODY_NO_MAILTO 0.000000,
	__BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000,
	__COURIER_PHRASE 0.000000, __CP_URI_IN_BODY 0.000000, __CT 0.000000,
	__CTE 0.000000, __CT_TEXT_PLAIN 0.000000, __DKIM_ALIGNS_1 0.000000,
	__DKIM_ALIGNS_2 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000,
	__DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000, __FRAUD_URGENCY 0.000000,
	__FUR_HEADER 0.000000, __HAS_FROM 0.000000, __HAS_MSGID 0.000000,
	__HAS_REFERENCES 0.000000, __HEADER_ORDER_FROM 0.000000,
	__IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000, __MIME_BOUND_CHARSET 0.000000,
	__MIME_TEXT_ONLY 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000,
	__MIME_VERSION 0.000000, __MOZILLA_MSGID 0.000000,
	__MOZILLA_USER_AGENT 0.000000, __NO_HTML_TAG_RAW 0.000000,
	__RCVD_FROM_DOMAIN 0.000000, __REFERENCES 0.000000, __SANE_MSGID 0.000000,
	__SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000,
	__SCAN_D_NEG_HEUR2 0.000000, __SINGLE_URI_TEXT 0.000000,
	__SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_NEGATE 0.000000,
	__SUBJ_REPLY 0.000000, __TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000,
	__TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000,
	__TO_REAL_NAMES 0.000000, __URI_IN_BODY 0.000000, __URI_MAILTO 0.000000,
	__URI_NOT_IMG 0.000000, __URI_NO_PATH 0.000000, __URI_NS 0.000000,
	__URI_WITHOUT_PATH 0.000000, __USER_AGENT 0.000000
X-SASI-Probability: 9%
X-SASI-RCODE: 200
X-SASI-Version: Antispam-Engine: 5.1.4, AntispamData: 2024.12.7.5146
DKIM-Signature: v=1; q=dns/txt; a=rsa-sha256; c=relaxed/relaxed; s=default;
 d=pmoylan.org;
 bh=oGAocGw1Aru/fUatSKrTNrZPwIIgHNR6TZ1YXQ1BTXA=;
 h=From:To:Date:Message-ID;
 b=JKc4/fgVTxB2nlDrboU3VQHtrLEl3XywDs+SqdDephzeqw70e2RySJZXLwVxetKkyvh2p
 aBYWq3qrtd/lVr3KCuqxg9nBuxr2wuDiAI1usY7YnjWiacwTtehG710CXQxZe44RkdvxCJ+
 pG4U3WKZd0rTuIKTHQ8FJOEKv4wsHxY=
Received: from [192.168.20.3] (peter.pmoylan.org [192.168.20.3]) by 
 mail.pmoylan.org (Weasel v3.0) for <ecs-isp@2rosenthals.com>; 
 Sat, 07 Dec 2024 13:16:26 +1100
Subject: Re: [eCS-ISP] Getting started with Let's Encrypt
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>
References: <list-11322988@2rosenthals.com>
Message-ID: <6753AFFB.5030400@pmoylan.org>
Date: Sat, 7 Dec 2024 13:16:27 +1100
User-Agent: Mozilla/5.0 (OS/2; Warp 4.5; rv:38.0) Gecko/20100101
 Thunderbird/38.8.0
MIME-Version: 1.0
In-Reply-To: <list-11322988@2rosenthals.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit

On 07/12/24 06:11, Steven Levine wrote:
> In <list-11322461@2rosenthals.com>, on 12/06/24 at 09:32 PM, "Peter
> Moylan" <ecs-isp@2rosenthals.com> said:
>
> Hi Peter,
>
>> Looking at the Let's Encrypt web site suggests that I need
>> Certbot, except that they don't have an OS/2 version.
>
> Certbot is a nice package, but as you noticed it's not not been
> ported.

I've had a quick look at the certbot web site. It looks big enough to
make porting it a daunting task, so maybe I should skip that route.

> Dan and I are using Paul's uacme port along with a uacme-hook.cmd
> REXX script that I built based on the uacme.sh that shipped with the
> uacme distro.  The resulting certs work just fine.  See dnacih.com,
> cih.bz and the other dozen or so sites Dan manages.

I remember seeing that hook script, but I've searched through past mail
and I can only find Massimo's more specific version. It apparently runs
through Apache directories, and I don't have Apache on this machine. (I
keep my certificates in C:\etc\pki\tls\private. I see that Massimo also
uses \etc\ssl, which I suppose is a directory left over from an earlier
version of OS/2, before SSL became TLS.)

Would you mind posting that REXX script again? In fact, I hve the
impression that there have to be two scripts, one for the hook and one
to invoke uact.

I've tried looking for uact documentation, but my eyesight is weakening
to the point where I can't read pages on github.

-- 
Peter Moylan                  peter@pmoylan.org
http://www.pmoylan.org