Mailing List ecs-isp@2rosenthals.com Archived Message #1086

Fra: "Massimo S." <ecs-isp@2rosenthals.com> Full Headers
Undecoded message
Emne: Re: [eCS-ISP] Getting started with Let's Encrypt
Dato: Wed, 11 Dec 2024 10:07:10 +0100
Til: eCS ISP Mailing List <ecs-isp@2rosenthals.com>

Il 11/12/2024 06:41, Steven Levine ha scritto:
uacme -v -h uacme-hook.cmd issuewww.pmoylan.org  pmoylan.org ...
This looks fine to me.

Here's the result of that "issue" operation:
[D:\APPS\UACME]uacme -v -h uacme-hook.cmd issue pmoylan.org
www.pmoylan.org  mail.pmoylan.org
uacme: version 1.2.4 starting on Tue, 10 Dec 2024 10:06:27
uacme: loading key from /@unixroot/etc/ssl/uacme/private/key.pem uacme:
loading key from /@unixroot/etc/ssl/uacme/private/pmoylan.org/key.pem
uacme: checking existence and expiration of
/@unixroot/etc/ssl/uacme/pmoylan.org
/cert.pem
uacme: /@unixroot/etc/ssl/uacme/pmoylan.org/cert.pem does not exist
> So far, so good.  Since this is first time you are issuing this
certificate, it should not exist.
I use a trick for this, i renew certificates each 60 days,
but since LE accept renewal only for certificates that
have less than 30 days, before starting the reissue i do
a copy of cert.pem and key.pem after i delete the certificate (cert.pem).

So LE do not complain that the certificate is not eligible for reissue
and create a new one.

I suggest you not to wait too much for the renewal since sometimes
LE have performance issues, or they change something and if you are
too close to the certificate end it become a problem..

massimo





Abboner: Feed, Digest, Index.
Stopp abbonement
E-post til ListMaster