Let's encrypt automatisieren ohne Python

SolarCatcher

Well-Known Member
In einem gehijackten Thread haben wir uns letztens über Let's Encrypt ausgetauscht.

Bernard Spil, maintainer u.a. von security/libressl hat jetzt seinen Weg dokumentiert, die Zertifikate in Jails zu aktualiseren - ohne das Python-Tool von Let's Encrypt. Hier seine Prämissen, alle weiteren Details hier.
Started this as I felt that the standard LetsEncrypt client was way too fat and had too many dependencies to be allowed to run as root. Even though this is all pretty basic stuff, I decided to document it here.

Some notes on my setup

  1. All services accessible from the internet run in jails (all jails reside in /usr/jails)

  2. I use LibreSSL

  3. I use zsh
Things that don't need to run as root will be running as an unprivileged user.

Danke an BSD Now für den Tipp.
 
Zurück
Oben