I don't think it is malicious. It is more likely a futile attempt to look like "they" are doing something about the problem. 47 days is a simple target, that AI should be able to defeat in a day, or two. The main problem is, that "they" can't seem to get their act together, and stop the abuse of the internet.

On 2026-05-25, at 19:40:06, Massimo S. wrote:

Agree.

This stuff (40 days certificate lifetime), like other idiocies i believe are methods built by large companies to
discourage the birth of new small businesses in the sector,
or to kick out the smaller ones already there.

Over-regulation is a new and terrible phenomenon.

massimo

Il 25/05/2026 18:47, Dan Napier ha scritto:

Guys,
As a lifelong Safety and Security person, I have often seen what can only be described as less than

optimal soulutons to past system failures.  Or DAS.  Somebody builds a wall that is ten feet high, another
comes along with an eleven foot ladder.  Or somebody digs a hole under the wall.  At a recent criminal
investigation during a warranted search, I observed  the educated police officer open a tool proof thirty hour
safe in about 45 seconds.  So changing the combination daily would not have solved that problem!  "The
best laid plans of mice and men gang aft agley"

Respectfully Submitted
Dan Napier
------ Original Message ------
 From "Dan Napier" <ecs-isp@2rosenthals.com <mailto:ecs-isp@2rosenthals.com>>
To "eCS ISP Mailing List" <ecs-isp@2rosenthals.com <mailto:ecs-isp@2rosenthals.com>>
Date 5/17/2026 7:03:17 PM
Subject [eCS-ISP] Re[2]: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime
Peter,

Yes I think that linux tries much more often. But I have not found that Steve's script needs to run more

than once. I guess I am just lucky.

Cron on the first tenth twentieth and twenty ninth. In the middle of the night on the west coast. But I am

still testing. More news in December.

Dan

------ Original Message ------

>From "Peter Moylan" <ecs-isp@2rosenthals.com <mailto:ecs-isp@2rosenthals.com>>

To "eCS ISP Mailing List" <ecs-isp@2rosenthals.com <mailto:ecs-isp@2rosenthals.com>>
Date 5/17/2026 17:58:41
Subject Re: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime

On 18/05/26 03:08, Dan Napier wrote:

Buenso Dai, Chaio, Good day, Well, I am running LE. The mirrored
servers problem can be solved. You need to be in control of both your
Apache servers and your DNS servers. It is a security issue so I
would not dream of discussing that on a public platform. It can be
accomplished. For a single OS2 apache server with no control to the
DNS you can use cron to run steven's script on a few days of the
month. If LE fails to update nothing happens, if it updates it
updates! I forgot to update and decided to try that so far so good.

Does you "a few days of the month" mean that you are suggesting getting
a new certificate a lot more often than required? I hadn't thought of that.
I'm not using cron to schedule this. Instead, I'm using a feature of
DragText that puts a "Schedule" page into the Properties of every
program object. At present I run my update script once every 80 days.
Let's Encrypt has two main drawbacks:
1. The short expiry time (90 days).
2. The fact that an update attempt often fails (busy server?) so that
the job has to be repeated manually.
I keep meaning to write a higher-level script that will check for an
update failure and repeat the attempt an hour or two later. The best
checking method is not yet obvious to me. Parse the log file, or look at
the "last written" date of the certificate file? Probably the latter is
easier.

Is there a utility that will start to run a script every 47 days? Or
be smart enuf to remember when it last ran and run 47 days later?

DragText can do that, but I would have thought that cron can also do it.
-- Peter Moylan peter@pmoylan.org <mailto:peter@pmoylan.org>
http://www.pmoylan.org
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message is sent to you because you are subscribed to
the mailing list <ecs-isp@2rosenthals.com <mailto:ecs-isp@2rosenthals.com>>.
To unsubscribe, E-mail to: <ecs-isp-off@2rosenthals.com <mailto:ecs-isp-off@2rosenthals.com>>
To switch to the DIGEST mode, E-mail to <ecs-isp-digest@2rosenthals.com

<mailto:ecs-isp-digest@2rosenthals.com>>

To switch to the INDEX mode, E-mail to <ecs-isp-index@2rosenthals.com

<mailto:ecs-isp-index@2rosenthals.com>>

Send administrative queries to <ecs-isp-request@2rosenthals.com

<mailto:ecs-isp-request@2rosenthals.com>>

To subscribe (new addresses), E-mail to: <ecs-isp-on@2rosenthals.com

<mailto:ecs-isp-on@2rosenthals.com>> and reply to the confirmation email.

Web archives are publicly available at: http://lists.2rosenthals.com
This list is hosted by Rosenthal & Rosenthal, LLC
P.O. Box 281, Deer Park, NY 11729-0281. Non-
electronic communications related to content
contained in these messages should be directed
to the above address. (CAN-SPAM Act of 2003)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message is sent to you because you are subscribed to
the mailing list <ecs-isp@2rosenthals.com>.
To unsubscribe, E-mail to: <ecs-isp-off@2rosenthals.com>
To switch to the DIGEST mode, E-mail to <ecs-isp-digest@2rosenthals.com>
To switch to the INDEX mode, E-mail to <ecs-isp-index@2rosenthals.com>
Send administrative queries to  <ecs-isp-request@2rosenthals.com>
To subscribe (new addresses), E-mail to: <ecs-isp-on@2rosenthals.com> and reply to the confirmation
email.
Web archives are publicly available at: http://lists.2rosenthals.com

This list is hosted by Rosenthal & Rosenthal, LLC
P.O. Box 281, Deer Park, NY 11729-0281. Non-
electronic communications related to content
contained in these messages should be directed
to the above address. (CAN-SPAM Act of 2003)

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=