Dan Langille's Other Diary

He has another, more popular, diary. This one is more general.

Let’s Encrypt

  • Today I faced the first consequences of my TXT & Let’s Encrypt strict policy
  • Creating a very specific TXT only nsupdate connection for Let’s Encrypt
  • ACME domain alias mode
  • No more certificate fingerprints – only sasl auth instead
  • Postfix suddenly starts rejecting email it had been accepting
  • Getting acme.sh to renew certs via cronjob on FreeBSD
  • cert-puller: using anvil to pull down & install new certificates, then restart services
  • anvil – copying the certificates to the website
  • cert-shifter: copying certificates from acme.sh to a fresh directory
  • Introducing anvil – Tools for distributing ssl certificates
  • When mv can’t mv – Let’s Encrypt
  • acme.sh: getting free SSL certificates – installation configuration on FreeBSD

Like what we do?

As an Amazon Associate I earn from qualifying purchases.

Want a good read? Please try:
FreeBSD Mastery: Jails (IT Mastery Book 15)

My Websites

  • BSDCan
  • DVL Software Limited
  • FreshPorts
  • FreshSource
  • langille.org
  • PGCon
  • The FreeBSD Diary
  • The Racing System
  • unixathome.org

Search

Categories

Backups Bacula beadm BSDCan CD-ROM Conferences cvsup DELL DHCP Disks DNS ezjail File Systems FreeBSD FreshPorts ftp General hardware iocage IP Filter Jails Kernels Let's Encrypt Mail Mailing Lists Mountain Bikes Moving to PA Nagios named Network monitoring Networks Non-related topics Open Source OpenVPN Opteron Pentabarf PGCon Postfix PostgreSQL poudriere R720 Security ssh WordPress ZFS

Recent Comments

  • Sergey Chalykh on Getting into the CLI for a Unifi switch
  • Dan Langille on Getting into the CLI for a Unifi switch
  • Sergey Chalykh on Getting into the CLI for a Unifi switch
  • Dan Langille on Creating a 4 drive ZFS zpool: stripe over mirrors
  • Triston Line on Creating a 4 drive ZFS zpool: stripe over mirrors

Archives

Follow Me

Twitter
© 2005-2019 Dan Langille Suffusion theme by Sayontan Sinha