Date: Thu, 10 Sep 2020 16:48:16 -0500 From: Valeri Galtsev <galtsev@kicp.uchicago.edu> To: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: py37-certbot question Message-ID: <f3481d62-9c16-4740-f1b1-c808beb5998c@kicp.uchicago.edu>
next in thread | raw e-mail | index | archive | help
Dear Experts, I hope, someone knows details of python3 based certbot. Namely, if run with "update" command, it updated certificates that will expire "soon". How soon, it doesn't say in man page, just soon. Does someone know how close to expiration cert should be to be considered by the script for renewal. I use certbot since its python 2 version - for quite some time actually to renew LetsEncrypt certificates. With python2 version in the past I run cron job daily and I was restarting apache from that same script if certificate was updated. With python3 version when I switched to it I followed somebody's HOWTO, and just added to /etc/periodic.conf: weekly_certbot_enable="YES" weekly_certbot_service="apache24" And was living happily ever since. However, one of the machines is about 4 days before expiration, Letsencrypt sent me notification: update cert. I checked, and crond is runnning, /etc/periodic.conf is as expected, and now, 4 days before expiration script (with --dry run flag) indeed goes about renewing the cert. There is one weekly cron jobs set that will happen before actual expiration of my certs, so I somehow think all is OK and my cert will be renewed. But I am just curios how many days before expiration certbot does renew certificate that will expire "soon". Or should I probably switch it over to daily cron job? As every lazy sysadmin, I do prefer to set things up so they definitely work without my attention. And I do not want to be reminded to do something it it will still happen on its own. So, switch to daily cron job? Thanks. Valeri -- ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?f3481d62-9c16-4740-f1b1-c808beb5998c>