From: "Steven Levine" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTP id 11330762 for ecs-isp@2rosenthals.com; Sun, 08 Dec 2024 00:24:40 -0500 Received: from [192.168.200.201] (port=50400 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtp (Exim 4.97.1) (envelope-from ) id 1tK9mQ-000000007PF-1B8X for ecs-isp@2rosenthals.com; Sun, 08 Dec 2024 00:24:30 -0500 Received: from mta-102b.earthlink-vadesecure.net ([51.81.61.67]:54127 helo=mta-102a.earthlink-vadesecure.net) by mail2.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.97.1) (envelope-from ) id 1tK9mG-000000004Pu-0KQp for ecs-isp@2rosenthals.com; Sun, 08 Dec 2024 00:24:20 -0500 DKIM-Signature: v=1; a=rsa-sha256; bh=md3CY2g8lsokMHdHHMkgOvmvn1IZIFoPh7usS2 C9RXA=; c=relaxed/relaxed; d=earthlink.net; h=from:reply-to:subject: date:to:cc:resent-date:resent-from:resent-to:resent-cc:in-reply-to: references:list-id:list-help:list-unsubscribe:list-unsubscribe-post: list-subscribe:list-post:list-owner:list-archive; q=dns/txt; s=dk12062016; t=1733635459; x=1734240259; b=dIxTQO2Y1oKTfnxr+LArzkwihhC 00w3knhfpzDVgL2zJHzB+QZ23PJBX7PPeNjmSTX9fSsbEmBhk9jAAyaMqPi4cxQDODJXMpw XvuQ85tmEB5NoayqUnnZP0s9r2iGKd8FtyVBE4AFB3Kb0tGU8Bevq5V+7akPHL915pytU0Y V6zHIdbudEWg3IOq8GciUau81DdDaN09Vqpgho154zhiA4wxtnnnFHE8HjEnoqhN81dj5GF g60yte/UbCNsgVSZU/7ILPDf88robT4ZaBdGynq4IjsTcebXk56W5g68FdVOl8SvzECvolL 940yx8fthz+O5hA+lrZm6L2DQuf/maw== Received: from slamain ([172.56.178.196]) by vsel1nmtao02p.internal.vadesecure.com with ngmta id c5109156-180f1c43da57e218; Sun, 08 Dec 2024 05:24:19 +0000 Message-ID: <6755274e.9.mr2ice.fgrirsq@earthlink.net> Date: Sat, 07 Dec 2024 20:57:50 -0800 To: "eCS ISP Mailing List" In-Reply-To: Subject: Re: [eCS-ISP] Getting started with Let's Encrypt X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v3.00.11.24/60 In , on 12/08/24 at 02:11 PM, "Peter Moylan" said: Hi Peter, >Thanks for this. I've downloaded it, and am now in the process of reading >through the scripts to be sure I understand the process, and to see where >I need to edit the scripts. >I think I now understand the system, though: >the probing server wants a token to be inserted at a particular point in >the HTML document tree, and then it looks to see whether the token is >there. Yes, this is how the http-01 verification method works. It allows Let's Encrypt to verify that the certificate requester has as least this much control of the site content. >I notice that one of your scripts (I forget which) had a comment saying >that you need to check for prerequisites. You're welcome to copy the >procedure CheckPrerequisites that is included in some of my Weasel >utilities, for example > ftp://ftp.pmoylan.org/weasel/tools/adduser.cmd >It's not precisely what you need, but is easy to modify. Thanks. I'm aware of the function. One of the many places I've run into it is in your qmail.cmd. The comment was to remind me to add the code to add the checks, if needed, if the script ever escaped into the wild, which seems to be happening. :-) >I was under the impression that C:\etc\SSL was a remnant of a much >earlier version of OS/2, before SSL was replaced by TLS, so I've been >using the directory \etc\SSL has it's origins in the unix world. The directory never existed on my systems, until ported Linux apps started to appear. > C:\etc\pki\tls >as a place to keep keys and certificates. It's easy enough to change to >using the SSL directory, though. You have the option to override uacme's defaults with the --confdir switch options. We decided it was easier to go wi the flow and change to using the uacme defaults. Back when we were usin self-signed certs, we put them in the apache conf directory and gave them unique names based on the domain name. >>> I've tried looking for uact documentation, but my eyesight is >>> weakening to the point where I can't read pages on github. When I want to read he man page, my goto is https://manpages.ubuntu.com/manpages/focal/man1/uacme.1.html The page format is pretty clean and the text size is easy to adjust. >I had cataract surgery years ago. My GP advised me not to wait until it >got bad, but to get it over with even though my symptoms weren't severe. >It was an easy procedure, after which my vision was good for a number of >years. I've had LASIK was was also an easy procedure. >More recently, though, I've had macular degeneration. My left eye >is now useless for reading, because of distortion at the focus. That's a problem. As I understand it, there are still no really good treatmen options. >That made me rediscover a flaw in the design: >changing the font size changes it for all instances of the shell (and >also all instances of 4OS2) rather than for just one application. The design of what? The WPS? You can change to font size of one session without changing the size system wide. Use the Change button, not the Save button. >Oh, and >the account reconciliation also requires me to hold a magnifying glass >over my phone, because my bank's online banking is incompatible with >Firefox for OS/2. This is where I find a tablet with a large screen handy. Another option is to cast the phone screen to a Smart TV. Steven -- ---------------------------------------------------------------------- "Steven Levine" Warp/DIY/BlueLion etc. www.scoug.com www.arcanoae.com www.warpcave.com ----------------------------------------------------------------------