[NCUC E-team] SSL

Tapani Tarvainen ncuc at tapani.tarvainen.info
Thu Aug 3 19:26:32 CEST 2017


On Thu, Aug 03, 2017 at 11:30:57PM +0800, David Cake (davecake at gmail.com) wrote:

> Is there an autorenewal script in place?

Yes. The one that certbot ppa installation puts there by default:

$ cat /etc/cron.d/certbot
# /etc/cron.d/certbot: crontab entries for the certbot package
#
# Upstream recommends attempting renewal twice a day
#
# Eventually, this will be an opportunity to validate certificates
# haven't been revoked, etc.  Renewal will only occur if expiration
# is within 30 days.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(3600))' && certbot -q renew

-- 
Tapani Tarvainen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.ncuc.org/pipermail/e-team/attachments/20170803/1abad672/attachment.sig>


More information about the E-team mailing list