[u-u] Expired SSL certificate
Giles Orr
gilesorr at gmail.com
Wed Dec 30 21:03:12 EST 2015
On 30 December 2015 at 18:12, Alan J Rosenthal <flaps at 56789.ca> wrote:
>>Free auto-generated certificates valid for 90 days (meant to be
>>auto-renewed on a cron job):
>>
>>https://letsencrypt.org/
>
> Also note https://github.com/diafygi/acme-tiny
>
>>Technically rather hairy if you don't want their script to have root
>>access to your machine,
>
> Root access is not automatically required to write to the SSL-related
> files -- just create a new uid for that purpose and have the files owned by
> this new user, then allow it to do "sudo apache2ctl graceful" or analogous.
It looked more complex than that to me ... but I haven't worked my way
through all the details yet (I'm having to learn about certificates
and signing authorities simultaneously).
Now I'm confused though: same guy ("diafygi") also maintains
"letsencrypt-nosudo" which I was working with:
https://github.com/diafygi/letsencrypt-nosudo . He seems to be
working on both (it and acme-tiny) simultaneously, and they're quite
similar.
--
Giles
http://www.gilesorr.com/
gilesorr at gmail.com
More information about the u-u
mailing list