Mailing List ecs-isp@2rosenthals.com Archived Message #1336 previous message next message back to list

From: "Dan Napier" <ecs-isp@2rosenthals.com> Full Headers
Undecoded message
Subject: Re[2]: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime
Date: Mon, 18 May 2026 02:03:17 +0000
To: "eCS ISP Mailing List" <ecs-isp@2rosenthals.com>

Peter,
Yes I think that linux tries much more often. But I have not found that Steve’s script needs to run more than once. I guess I am just lucky. 
Cron on the first tenth twentieth and twenty ninth. In the middle of the night on the west coast. But I am still testing. More news in December. 
Dan

------ Original Message ------
From "Peter Moylan" <ecs-isp@2rosenthals.com>
To "eCS ISP Mailing List" <ecs-isp@2rosenthals.com>
Date 5/17/2026 17:58:41
Subject Re: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime

On 18/05/26 03:08, Dan Napier wrote:
 
Buenso Dai, Chaio, Good day, Well, I am running LE. The mirrored
servers problem can be solved. You need to be in control of both your
Apache servers and your DNS servers. It is a security issue so I
would not dream of discussing that on a public platform. It can be
accomplished. For a single OS2 apache server with no control to the
DNS you can use cron to run steven's script on a few days of the
month. If LE fails to update nothing happens, if it updates it
updates! I forgot to update and decided to try that so far so good.
 
Does you "a few days of the month" mean that you are suggesting getting
a new certificate a lot more often than required? I hadn't thought of that.
 
I'm not using cron to schedule this. Instead, I'm using a feature of
DragText that puts a "Schedule" page into the Properties of every
program object. At present I run my update script once every 80 days.
 
Let's Encrypt has two main drawbacks:
1. The short expiry time (90 days).
2. The fact that an update attempt often fails (busy server?) so that
the job has to be repeated manually.
 
I keep meaning to write a higher-level script that will check for an
update failure and repeat the attempt an hour or two later. The best
checking method is not yet obvious to me. Parse the log file, or look at
the "last written" date of the certificate file? Probably the latter is
easier.
 
Is there a utility that will start to run a script every 47 days? Or
be smart enuf to remember when it last ran and run 47 days later?
 
DragText can do that, but I would have thought that cron can also do it.
 
-- Peter Moylan peter@pmoylan.org
http://www.pmoylan.org
 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message is sent to you because you are subscribed to
the mailing list <ecs-isp@2rosenthals.com>.
To unsubscribe, E-mail to: <ecs-isp-off@2rosenthals.com>
To switch to the DIGEST mode, E-mail to <ecs-isp-digest@2rosenthals.com>
To switch to the INDEX mode, E-mail to <ecs-isp-index@2rosenthals.com>
Send administrative queries to <ecs-isp-request@2rosenthals.com>
To subscribe (new addresses), E-mail to: <ecs-isp-on@2rosenthals.com> and reply to the confirmation email.
Web archives are publicly available at: http://lists.2rosenthals.com
 
This list is hosted by Rosenthal & Rosenthal, LLC
P.O. Box 281, Deer Park, NY 11729-0281. Non-
electronic communications related to content
contained in these messages should be directed
to the above address. (CAN-SPAM Act of 2003)
 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 

Subscribe: Feed, Digest, Index.
Unsubscribe
Mail to ListMaster