Search found 17 matches

by cpcnw
Sun Mar 10, 2019 10:26 am
Forum: Troubleshooting
Topic: [SOLVED] How to stop using TLS-SNI-01 with Certbot
Replies: 1
Views: 777

Re: How to stop using TLS-SNI-01 with Certbot

Anyone else looking for this see bottom of this thread;

viewtopic.php?f=9&t=5646
by cpcnw
Sun Mar 10, 2019 10:23 am
Forum: General Discussion
Topic: [SOLVED] Lets Encrypt Nag!
Replies: 6
Views: 2122

Re: Lets Encrypt Nag!

root@raspi:~# systemctl status certbot ? certbot.service - Certbot Loaded: loaded (/lib/systemd/system/certbot.service; static; vendor preset: enabled) Drop-In: /etc/systemd/system/certbot.service.d +-dietpi-lighttpd.conf Active: inactive (dead) since Sun 2019-03-10 00:57:44 GMT; 8h ago Docs: file:...
by cpcnw
Tue Mar 05, 2019 10:49 am
Forum: Troubleshooting
Topic: [SOLVED] How to stop using TLS-SNI-01 with Certbot
Replies: 1
Views: 777

[SOLVED] How to stop using TLS-SNI-01 with Certbot

TLS-SNI-01 validation is reaching end-of-life. It will stop working permanently on March 13th, 2019. Following an update I ran; # certbot --version certbot 0.10.2 https://community.letsencrypt.org/t/how-to-stop-using-tls-sni-01-with-certbot/83210 If the version is less than 0.28, you need to upgrade...
by cpcnw
Tue Mar 05, 2019 10:26 am
Forum: General Discussion
Topic: [SOLVED] Lets Encrypt Nag!
Replies: 6
Views: 2122

Re: Lets Encrypt Nag!

Seems like this is more urgent now? --- Action may be required to prevent your Let's Encrypt certificate renewals from breaking. If you already received a similar e-mail, this one contains updated information. Your Let's Encrypt client used ACME TLS-SNI-01 domain validation to issue a certificate in...
by cpcnw
Sun Mar 03, 2019 11:16 pm
Forum: General Discussion
Topic: [SOLVED] Lets Encrypt Nag!
Replies: 6
Views: 2122

Re: Lets Encrypt Nag!

Crap - cron job halts waiting for input on the lighty error in first post!

Advice appreciated!
by cpcnw
Sun Mar 03, 2019 11:09 pm
Forum: General Discussion
Topic: [SOLVED] Lets Encrypt Nag!
Replies: 6
Views: 2122

Re: Lets Encrypt Nag!

OK so I just re-ran #dietpi-letsencrypt 1 and the second run outputted Processing /etc/letsencrypt/renewal/www.domain.co.uk.conf Cert not yet due for renewal The following certs are not due for renewal yet: /etc/letsencrypt/live/www.domain.co.uk/fullchain.pem (skipped) No renewals were attempted. Ig...
by cpcnw
Sun Mar 03, 2019 10:46 pm
Forum: General Discussion
Topic: [SOLVED] Lets Encrypt Nag!
Replies: 6
Views: 2122

Re: Lets Encrypt Nag!

just ran the following; # certbot certificates Saving debug log to /var/log/letsencrypt/letsencrypt.log Found the following certs: Certificate Name: www.domain.co.uk Domains: www.domain.co.uk Expiry Date: 2019-06-01 20:16:51+00:00 (VALID: 89 days) Certificate Path: /etc/letsencrypt/live/www.domain.c...
by cpcnw
Sun Mar 03, 2019 10:30 pm
Forum: General Discussion
Topic: [SOLVED] Lets Encrypt Nag!
Replies: 6
Views: 2122

[SOLVED] Lets Encrypt Nag!

Hi, Been getting a few emails from Lets Encrypt nagging me about certificate renewal. Decided to do manual update instead of waiting for cron End result was Congratulations, all renewals succeeded. The following certs have been renewed: /etc/letsencrypt/live/www.domain.co.uk/fullchain.pem (success) ...
by cpcnw
Wed Dec 12, 2018 8:48 am
Forum: Troubleshooting
Topic: LetsEncrypt Problem / Advice
Replies: 5
Views: 1182

Re: LetsEncrypt Problem / Advice

I now suspect it's more down to my lack of understanding of how https / ssl / certs work together... Also, reading through most of the posts on serverfault it seems way more people want to redirect the www version to the non-www version so I am assuming there is a desirable / technical reason for th...
by cpcnw
Tue Dec 11, 2018 11:37 pm
Forum: Troubleshooting
Topic: LetsEncrypt Problem / Advice
Replies: 5
Views: 1182

Re: LetsEncrypt Problem / Advice

OK Thanks! I ran certbot --expand certonly --standalone -d mydomain.com -d www.mydomain.com --dry-run everything seemed ok [had to halt lighty to do this] I then removed dry run and it looked like process completed with no errors. I can see additional fingerprint in keystores below the original and ...