| Fra: |
"Steven Levine" <ecs-isp@2rosenthals.com> |
Full Headers
Undecoded message |
| Emne: |
Re: [eCS-ISP] Apache HTTPS |
| Dato: |
Mon, 12 Aug 2024 08:52:29 -0700 |
| Til: |
"eCS ISP Mailing List" <ecs-isp@2rosenthals.com> |
|
|---|
In <list-10572844@2rosenthals.com>, on 08/12/24
at 05:13 PM, "Paul Smedley" <ecs-isp@2rosenthals.com> said:
Hi Paul,
>That was easier than I thought - try with
>https://smedley.id.au/tmp/uacme-1.0.19-os2-20240812.zip
This works as expected, so far.
>uacme -v new
uacme.exe: version 1.0.19 starting on Mon, 12 Aug 2024 08:48:55 uacme.exe:
loading key from /etc/ssl/uacme/private/key.pem
uacme.exe: fetching directory at
https://acme-v02.api.letsencrypt.org/directory uacme.exe: creating new
account at https://acme-v02.api.letsencrypt.org/acme/new-acct uacme.exe:
type 'y' to accept the terms at
https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf y
uacme.exe: account created at
https://acme-v02.api.letsencrypt.org/acme/acct/1887445026
A few comments...
When getting started it's probably better to use the --staging (-s)
option. This is designed for testing.
uacme hardcodes the configuration directory to /etc/ssl/uacme. Most of us
use the libc path rewriter which with default settings will map this path
to %ETC/ssl/uacme.
Perhaps the next build should use /@unixroot/etc/ssl rather than /etc/ssl?
This generally works better with apps built against kLIBC?
FWIW, I have implmented a mostly tested and working ucame-hook.cmd. It's
sufficiently generic that one script should work for all domains on a
given system.
Steven
--
----------------------------------------------------------------------
"Steven Levine" <steve53@earthlink.net> Warp/DIY/BlueLion etc.
www.scoug.com www.arcanoae.com www.warpcave.com
----------------------------------------------------------------------
|