Date: Thu, 10 Sep 2020 22:21:30 +0000 From: "Daniel Lysfjord" <lysfjord.daniel@smokepit.net> To: freebsd-questions@freebsd.org Subject: Re: py37-certbot question Message-ID: <e427f06d794c8bb1fa66e416e09da196@smokepit.net> In-Reply-To: <f3481d62-9c16-4740-f1b1-c808beb5998c@kicp.uchicago.edu> References: <f3481d62-9c16-4740-f1b1-c808beb5998c@kicp.uchicago.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
"Valeri Galtsev" <galtsev@kicp.uchicago.edu> skrev 10. september 2020 kl. 23:48: > Dear Experts, > > I hope, someone knows details of python3 based certbot. Namely, if run with "update" command, it > updated certificates that will expire "soon". How soon, it doesn't say in man page, just soon. Does > someone know how close to expiration cert should be to be considered by the script for renewal. https://certbot.eff.org/docs/using.html#renewing-certificates Tells me 30 days:) > > I use certbot since its python 2 version - for quite some time actually to renew LetsEncrypt > certificates. With python2 version in the past I run cron job daily and I was restarting apache > from that same script if certificate was updated. With python3 version when I switched to it I > followed somebody's HOWTO, and just added to /etc/periodic.conf: > > weekly_certbot_enable="YES" > weekly_certbot_service="apache24" > > And was living happily ever since. However, one of the machines is about 4 days before expiration, > Letsencrypt sent me notification: update cert. I checked, and crond is runnning, /etc/periodic.conf > is as expected, and now, 4 days before expiration script (with --dry run flag) indeed goes about > renewing the cert. There is one weekly cron jobs set that will happen before actual expiration of > my certs, so I somehow think all is OK and my cert will be renewed. > > But I am just curios how many days before expiration certbot does renew certificate that will > expire "soon". > > Or should I probably switch it over to daily cron job? > > As every lazy sysadmin, I do prefer to set things up so they definitely work without my attention. > And I do not want to be reminded to do something it it will still happen on its own. So, switch to > daily cron job? > > Thanks. > Valeri > > -- ++++++++++++++++++++++++++++++++++++++++ > Valeri Galtsev > Sr System Administrator > Department of Astronomy and Astrophysics > Kavli Institute for Cosmological Physics > University of Chicago > Phone: 773-702-4247 > ++++++++++++++++++++++++++++++++++++++++ > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e427f06d794c8bb1fa66e416e09da196>