ecs-isp@2rosenthals.com Archivio Mailing List

Mailing List ecs-isp@2rosenthals.com Messaggio #1339

Da:	"Massimo S." <ecs-isp@2rosenthals.com>	Intestazioni complete Messaggio non codificato
Oggetto:	Re: [eCS-ISP] Re[2]: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime
Data:	Mon, 25 May 2026 19:40:06 +0200
A:	eCS ISP Mailing List <ecs-isp@2rosenthals.com>

Agree. This stuff (40 days certificate lifetime), like other idiocies i believe are methods built by large companies to discourage the birth of new small businesses in the sector, or to kick out the smaller ones already there. Over-regulation is a new and terrible phenomenon. massimo Il 25/05/2026 18:47, Dan Napier ha scritto: Guys, As a lifelong Safety and Security person, I have often seen what can only be described as less than optimal soulutons to past system failures. Or DAS. Somebody builds a wall that is ten feet high, another comes along with an eleven foot ladder. Or somebody digs a hole under the wall. At a recent criminal investigation during a warranted search, I observed the educated police officer open a tool proof thirty hour safe in about 45 seconds. So changing the combination daily would not have solved that problem! "The best laid plans of mice and men gang aft agley" Respectfully Submitted Dan Napier ------ Original Message ------ From "Dan Napier" <ecs-isp@2rosenthals.com <mailto:ecs-isp@2rosenthals.com>> To "eCS ISP Mailing List" <ecs-isp@2rosenthals.com <mailto:ecs-isp@2rosenthals.com>> Date 5/17/2026 7:03:17 PM Subject [eCS-ISP] Re[2]: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime Peter, Yes I think that linux tries much more often. But I have not found that Steve’s script needs to run more than once. I guess I am just lucky. Cron on the first tenth twentieth and twenty ninth. In the middle of the night on the west coast. But I am still testing. More news in December. Dan ------ Original Message ------ From "Peter Moylan" <ecs-isp@2rosenthals.com <mailto:ecs-isp@2rosenthals.com>> To "eCS ISP Mailing List" <ecs-isp@2rosenthals.com <mailto:ecs-isp@2rosenthals.com>> Date 5/17/2026 17:58:41 Subject Re: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime On 18/05/26 03:08, Dan Napier wrote: Buenso Dai, Chaio, Good day, Well, I am running LE. The mirrored servers problem can be solved. You need to be in control of both your Apache servers and your DNS servers. It is a security issue so I would not dream of discussing that on a public platform. It can be accomplished. For a single OS2 apache server with no control to the DNS you can use cron to run steven's script on a few days of the month. If LE fails to update nothing happens, if it updates it updates! I forgot to update and decided to try that so far so good. Does you "a few days of the month" mean that you are suggesting getting a new certificate a lot more often than required? I hadn't thought of that. I'm not using cron to schedule this. Instead, I'm using a feature of DragText that puts a "Schedule" page into the Properties of every program object. At present I run my update script once every 80 days. Let's Encrypt has two main drawbacks: 1. The short expiry time (90 days). 2. The fact that an update attempt often fails (busy server?) so that the job has to be repeated manually. I keep meaning to write a higher-level script that will check for an update failure and repeat the attempt an hour or two later. The best checking method is not yet obvious to me. Parse the log file, or look at the "last written" date of the certificate file? Probably the latter is easier. Is there a utility that will start to run a script every 47 days? Or be smart enuf to remember when it last ran and run 47 days later? DragText can do that, but I would have thought that cron can also do it. -- Peter Moylan peter@pmoylan.org <mailto:peter@pmoylan.org> http://www.pmoylan.org =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= This message is sent to you because you are subscribed to the mailing list <ecs-isp@2rosenthals.com <mailto:ecs-isp@2rosenthals.com>>. To unsubscribe, E-mail to: <ecs-isp-off@2rosenthals.com <mailto:ecs-isp-off@2rosenthals.com>> To switch to the DIGEST mode, E-mail to <ecs-isp-digest@2rosenthals.com <mailto:ecs-isp-digest@2rosenthals.com>> To switch to the INDEX mode, E-mail to <ecs-isp-index@2rosenthals.com <mailto:ecs-isp-index@2rosenthals.com>> Send administrative queries to <ecs-isp-request@2rosenthals.com <mailto:ecs-isp-request@2rosenthals.com>> To subscribe (new addresses), E-mail to: <ecs-isp-on@2rosenthals.com <mailto:ecs-isp-on@2rosenthals.com>> and reply to the confirmation email. Web archives are publicly available at: http://lists.2rosenthals.com This list is hosted by Rosenthal & Rosenthal, LLC P.O. Box 281, Deer Park, NY 11729-0281. Non- electronic communications related to content contained in these messages should be directed to the above address. (CAN-SPAM Act of 2003) =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Iscrizione modo messaggi

Iscrizione modo riassunto

Iscrizione modo index

Cancella

Scrivi al Listmaster