Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
| From | Eli the Bearded <*@eli.users.panix.com> |
|---|---|
| Newsgroups | comp.misc |
| Subject | Re: 6-day TLS certificates from Let's Encrypt |
| Date | 2024-12-15 03:11 +0000 |
| Organization | Some absurd concept |
| Message-ID | <eli$2412142206@qaz.wtf> (permalink) |
| References | <877c85reae.fsf@example.com> <20241212.001223.a7feaecb@mixmin.net> <vjdanm$1potb$1@dont-email.me> <14s*y7X1z@news.chiark.greenend.org.uk> |
In comp.misc, Theo <theom+news@chiark.greenend.org.uk> wrote: > It sounds quite handy to me. One of the problems with Let's Encrypt is that > you set up your server, you get a LE certificate, you set up a cron job for > renewal. And then 90 days later you find out that your cron job didn't work > for $reasons and the cert expired. Making this timeout 6 days means that > you find this bug much quicker - if it's still working after a couple of > weeks then things are good. When I have problems, I get mail from Let's Encrypt saying things like "your cert is expiring in two weeks, did you know that?". That's why you give them an email address during setup. In my case, it's usually not because there is an issue with cron, but because I have N names in one cert and I deleted the DNS record for one of those and didn't update the LE config. They, quite rightly, don't like to give out certs for names that don't resolve. Elijah ------ sometimes uses wildcard certs
Back to comp.misc | Previous | Next — Previous in thread | Next in thread | Find similar
6-day TLS certificates from Let's Encrypt Salvador Mirzo <smirzo@example.com> - 2024-12-11 20:27 -0300
Re: 6-day TLS certificates from Let's Encrypt D <noreply@mixmin.net> - 2024-12-12 00:12 +0000
Re: 6-day TLS certificates from Let's Encrypt Rich <rich@example.invalid> - 2024-12-12 00:28 +0000
Re: 6-day TLS certificates from Let's Encrypt Broseki <broseki@whitetail.is> - 2024-12-12 01:05 +0000
Re: 6-day TLS certificates from Let's Encrypt Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-12-12 06:07 +0000
Re: 6-day TLS certificates from Let's Encrypt Broseki <broseki@whitetail.is> - 2024-12-12 22:28 +0000
Re: 6-day TLS certificates from Let's Encrypt Richard Kettlewell <invalid@invalid.invalid> - 2024-12-12 23:28 +0000
Re: 6-day TLS certificates from Let's Encrypt Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-12-13 03:02 +0000
Re: 6-day TLS certificates from Let's Encrypt D <noreply@mixmin.net> - 2024-12-12 01:42 +0000
Re: 6-day TLS certificates from Let's Encrypt Richard Kettlewell <invalid@invalid.invalid> - 2024-12-12 10:03 +0000
Re: 6-day TLS certificates from Let's Encrypt Theo <theom+news@chiark.greenend.org.uk> - 2024-12-13 18:22 +0000
Re: 6-day TLS certificates from Let's Encrypt Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-12-13 22:01 +0000
Re: 6-day TLS certificates from Let's Encrypt Eli the Bearded <*@eli.users.panix.com> - 2024-12-15 03:11 +0000
Re: 6-day TLS certificates from Let's Encrypt Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-12-12 01:10 +0000
csiph-web