From owner-freebsd-questions@freebsd.org Fri Mar 31 21:22:22 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0F76AD27631 for ; Fri, 31 Mar 2017 21:22:22 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from cosmo.uchicago.edu (cosmo.uchicago.edu [128.135.20.71]) by mx1.freebsd.org (Postfix) with ESMTP id E4F28C27 for ; Fri, 31 Mar 2017 21:22:21 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: by cosmo.uchicago.edu (Postfix, from userid 48) id A1481CB8CA7; Fri, 31 Mar 2017 15:50:53 -0500 (CDT) Received: from 128.135.52.6 (SquirrelMail authenticated user valeri) by cosmo.uchicago.edu with HTTP; Fri, 31 Mar 2017 15:50:53 -0500 (CDT) Message-ID: <30904.128.135.52.6.1490993453.squirrel@cosmo.uchicago.edu> In-Reply-To: <30dbdfbaabd9637b9ea95c855497240e@drenet.net> References: <77a1e8683e3a15cd08986d66807959b2@drenet.net> <30dbdfbaabd9637b9ea95c855497240e@drenet.net> Date: Fri, 31 Mar 2017 15:50:53 -0500 (CDT) Subject: Re: letsencrypt configuration From: "Valeri Galtsev" To: "Andre Goree" Cc: freebsd-questions@freebsd.org Reply-To: galtsev@kicp.uchicago.edu User-Agent: SquirrelMail/1.4.8-5.el5.centos.7 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Mar 2017 21:22:22 -0000 On Fri, March 31, 2017 3:08 pm, Andre Goree wrote: > On 2017/03/31 3:40 pm, Andre Goree wrote: >> So how is everyone going about configuring letsencrypt on FreeBSD? It >> would seem that multiple ports that used to exist for this very >> purpose are no longer in the repos (letskencrypt, py-letsencrypt), so >> tutorials I'm finding (and even letskencrypt, which is still in the >> FreeBDS wiki) aren't much help. >> >> Thanks in advance. >> > I actually found this immediately after I posted, all can disregard this > post: https://brnrd.eu/security/2016-12-30/acme-client.html > There was thread not long ago where I described in detail how I installed it. Look for that if nothing else helps. The only thing I would add to that thread is: you have to reload apache (as if you are restarting it) to load updated certificate, which you can do in the cron job you set for updating certs; add --post-hook like below: /usr/local/bin/certbot renew --quiet --post-hook "/usr/local/sbin/apachectl graceful" Thanks. Valeri > > > -- > Andre Goree > -=-=-=-=-=- ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++