From owner-freebsd-ports@freebsd.org  Wed Mar 23 04:30:18 2016
Return-Path: <owner-freebsd-ports@freebsd.org>
Delivered-To: freebsd-ports@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 755D49D9E97
 for <freebsd-ports@mailman.ysv.freebsd.org>;
 Wed, 23 Mar 2016 04:30:18 +0000 (UTC)
 (envelope-from kremels@kreme.com)
Received: from mail.covisp.net (mail.covisp.net [65.121.55.42])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 5D5A91722
 for <freebsd-ports@freebsd.org>; Wed, 23 Mar 2016 04:30:17 +0000 (UTC)
 (envelope-from kremels@kreme.com)
Received: from mail.covisp.net (localhost [127.0.0.1])
 by mail.covisp.net (Postfix) with ESMTP id 3qVGnY523kzpKts;
 Tue, 22 Mar 2016 22:30:09 -0600 (MDT)
X-Virus-Scanned: amavisd-new at covisp.net
Received: from mail.covisp.net ([127.0.0.1])
 by mail.covisp.net (mail.covisp.net [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id y-Ri3VmBt05E; Tue, 22 Mar 2016 22:30:07 -0600 (MDT)
Content-Type: text/plain; charset=windows-1252
Subject: Re: LetsEncrypt.sh
From: "@lbutlr" <kremels@kreme.com>
In-Reply-To: <56ED691D.6070307@fechner.net>
Date: Tue, 22 Mar 2016 22:30:07 -0600
Content-Transfer-Encoding: quoted-printable
Message-Id: <87925AC6-DAAF-4A44-8F4A-02DE00587FD0@kreme.com>
References: <6EC70793-78B1-4565-97D6-9022C72E16A7@kreme.com>
 <56ED691D.6070307@fechner.net>
To: freebsd-ports@freebsd.org
X-Mailer: Apple Mail (2.3112)
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Mar 2016 04:30:18 -0000


> On Mar 19, 2016, at 8:58 AM, Matthias Fechner <idefix@fechner.net> =
wrote:
>=20
> Am 19.03.2016 um 13:40 schrieb @lbutlr:
>> Is anyone using this port successfully?
>>=20
>> It appears to be running here, but is generating some 0 length files:
>>=20
>> total 64
>> 8 -rw-------  1 443  443  1854 Mar  4 23:38 cert-1457159890.csr
>> 0 -rw-------  1 443  443     0 Mar  4 23:38 cert-1457159890.pem
>> 8 -rw-------  1 443  443  1854 Mar  5 05:06 cert-1457179567.csr
>> 0 -rw-------  1 443  443     0 Mar  5 05:06 cert-1457179567.pem
>> 8 -rw-------  1 443  443  1854 Mar 12 04:35 cert-1457782552.csr
>> 0 -rw-------  1 443  443     0 Mar 12 04:35 cert-1457782552.pem
>> 8 -rw-------  1 443  443  1854 Mar 19 04:15 cert-1458382543.csr
>> 0 -rw-------  1 443  443     0 Mar 19 04:15 cert-1458382543.pem
>> 8 -rw-------  1 443  443  3243 Mar  4 23:38 privkey-1457159890.pem
>> 8 -rw-------  1 443  443  3243 Mar  5 05:06 privkey-1457179567.pem
>> 8 -rw-------  1 443  443  3247 Mar 12 04:35 privkey-1457782552.pem
>> 8 -rw-------  1 443  443  3243 Mar 19 04:15 privkey-1458382543.pem
>>=20
>> Or I am missing a step.
>=20
> I use the port security/letsencrypt.sh which is working fine.
> I create the keys with:
> sudo letsencrypt certonly --webroot =
--webroot-path=3D/usr/local/www/letsencrypt/ --renew-by-default =
--agree-tos --email <email> -d <domain1> -d <domain2> =85.

My executable is named /usr/local/bin/letsencrypt.sh and does not have a =
certonly option.

$ letsencrypt.sh -h
Usage: /usr/local/bin/letsencrypt.sh [-h] [command [argument]] =
[parameter [argument]] [parameter [argument]] ...

Default command: help

Commands:
 --cron (-c)                      Sign/renew =
non-existant/changed/expiring certificates.
 --signcsr (-s) path/to/csr.pem   Sign a given CSR, output CRT on stdout =
(advanced usage)
 --revoke (-r) path/to/cert.pem   Revoke specified certificate
 --cleanup (-gc)                  Move unused certificate files to =
archive directory
 --help (-h)                      Show help text
 --env (-e)                       Output configuration variables for use =
in other scripts

Parameters:
 --domain (-d) domain.tld         Use specified domain name(s) instead =
of domains.txt entry (one certificate!)
 --force (-x)                     Force renew of certificate even if it =
is longer valid than value in RENEW_DAYS
 --privkey (-p) path/to/key.pem   Use specified private key instead of =
account key (useful for revocation)
 --config (-f) path/to/config.sh  Use specified config file
 --hook (-k) path/to/hook.sh      Use specified script for hooks
 --challenge (-t) http-01|dns-01  Which challenge should be used? =
Currently http-01 and dns-01 are supported
 --algo (-a) rsa|prime256v1|secp384r1 Which public key algorithm should =
be used? Supported: rsa, prime256v1 and secp384r1

--=20
A.D. 1517: Martin Luther nails his 95 Theses to the church door and is
promptly moderated down to (-1, Flamebait). -- Yu Suzuki