Date: Tue, 22 Mar 2016 22:30:07 -0600 From: "@lbutlr" <kremels@kreme.com> To: freebsd-ports@freebsd.org Subject: Re: LetsEncrypt.sh Message-ID: <87925AC6-DAAF-4A44-8F4A-02DE00587FD0@kreme.com> In-Reply-To: <56ED691D.6070307@fechner.net> References: <6EC70793-78B1-4565-97D6-9022C72E16A7@kreme.com> <56ED691D.6070307@fechner.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Mar 19, 2016, at 8:58 AM, Matthias Fechner <idefix@fechner.net> = wrote: >=20 > Am 19.03.2016 um 13:40 schrieb @lbutlr: >> Is anyone using this port successfully? >>=20 >> It appears to be running here, but is generating some 0 length files: >>=20 >> total 64 >> 8 -rw------- 1 443 443 1854 Mar 4 23:38 cert-1457159890.csr >> 0 -rw------- 1 443 443 0 Mar 4 23:38 cert-1457159890.pem >> 8 -rw------- 1 443 443 1854 Mar 5 05:06 cert-1457179567.csr >> 0 -rw------- 1 443 443 0 Mar 5 05:06 cert-1457179567.pem >> 8 -rw------- 1 443 443 1854 Mar 12 04:35 cert-1457782552.csr >> 0 -rw------- 1 443 443 0 Mar 12 04:35 cert-1457782552.pem >> 8 -rw------- 1 443 443 1854 Mar 19 04:15 cert-1458382543.csr >> 0 -rw------- 1 443 443 0 Mar 19 04:15 cert-1458382543.pem >> 8 -rw------- 1 443 443 3243 Mar 4 23:38 privkey-1457159890.pem >> 8 -rw------- 1 443 443 3243 Mar 5 05:06 privkey-1457179567.pem >> 8 -rw------- 1 443 443 3247 Mar 12 04:35 privkey-1457782552.pem >> 8 -rw------- 1 443 443 3243 Mar 19 04:15 privkey-1458382543.pem >>=20 >> Or I am missing a step. >=20 > I use the port security/letsencrypt.sh which is working fine. > I create the keys with: > sudo letsencrypt certonly --webroot = --webroot-path=3D/usr/local/www/letsencrypt/ --renew-by-default = --agree-tos --email <email> -d <domain1> -d <domain2> =85. My executable is named /usr/local/bin/letsencrypt.sh and does not have a = certonly option. $ letsencrypt.sh -h Usage: /usr/local/bin/letsencrypt.sh [-h] [command [argument]] = [parameter [argument]] [parameter [argument]] ... Default command: help Commands: --cron (-c) Sign/renew = non-existant/changed/expiring certificates. --signcsr (-s) path/to/csr.pem Sign a given CSR, output CRT on stdout = (advanced usage) --revoke (-r) path/to/cert.pem Revoke specified certificate --cleanup (-gc) Move unused certificate files to = archive directory --help (-h) Show help text --env (-e) Output configuration variables for use = in other scripts Parameters: --domain (-d) domain.tld Use specified domain name(s) instead = of domains.txt entry (one certificate!) --force (-x) Force renew of certificate even if it = is longer valid than value in RENEW_DAYS --privkey (-p) path/to/key.pem Use specified private key instead of = account key (useful for revocation) --config (-f) path/to/config.sh Use specified config file --hook (-k) path/to/hook.sh Use specified script for hooks --challenge (-t) http-01|dns-01 Which challenge should be used? = Currently http-01 and dns-01 are supported --algo (-a) rsa|prime256v1|secp384r1 Which public key algorithm should = be used? Supported: rsa, prime256v1 and secp384r1 --=20 A.D. 1517: Martin Luther nails his 95 Theses to the church door and is promptly moderated down to (-1, Flamebait). -- Yu Suzuki
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87925AC6-DAAF-4A44-8F4A-02DE00587FD0>