Dan Langille's Other Diary

He has another, more popular, diary. This one is more general.

Let’s Encrypt

Today I faced the first consequences of my TXT & Let’s Encrypt strict policy
Creating a very specific TXT only nsupdate connection for Let’s Encrypt
ACME domain alias mode
No more certificate fingerprints – only sasl auth instead
Postfix suddenly starts rejecting email it had been accepting
Getting acme.sh to renew certs via cronjob on FreeBSD
cert-puller: using anvil to pull down & install new certificates, then restart services
anvil – copying the certificates to the website
cert-shifter: copying certificates from acme.sh to a fresh directory
Introducing anvil – Tools for distributing ssl certificates
When mv can’t mv – Let’s Encrypt
acme.sh: getting free SSL certificates – installation configuration on FreeBSD

Like what we do?

As an Amazon Associate I earn from qualifying purchases.

Want a good read? Please try:
FreeBSD Mastery: Jails (IT Mastery Book 15)

My Websites

BSDCan
DVL Software Limited
FreshPorts
FreshSource
langille.org
PGCon
The FreeBSD Diary
The Racing System
unixathome.org

Search

Categories

Backups Bacula beadm BSDCan Conferences cvsup DELL DHCP Disks DNS ezjail File Systems FreeBSD freebsd-update FreshPorts ftp General hardware iocage IP Filter Jails Kernels Let's Encrypt Mail Mailing Lists Mountain Bikes Moving to PA Nagios named Network monitoring Networks Non-related topics Open Source OpenVPN Opteron Pentabarf PGCon Postfix PostgreSQL poudriere R720 Security ssh WordPress ZFS

Recent Comments

Dan Langille on Converting an iocage jail to a vanilla jail
Race Boyer on Converting an iocage jail to a vanilla jail
Michael Hurley on Eaton ePDU Auth Algorithm & Crypto Algorithm for SNMPv3 Configuration
Dan Langille on Eaton ePDU Auth Algorithm & Crypto Algorithm for SNMPv3 Configuration
Michael Hurley on Eaton ePDU Auth Algorithm & Crypto Algorithm for SNMPv3 Configuration

Archives

Archives

Follow Me

© 2005-2019 Dan Langille

Suffusion theme by Sayontan Sinha