From: "Steven Levine" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTP id 2480216 for ecs-isp@2rosenthals.com; Sat, 16 May 2026 18:20:50 -0400 Received: from secmgr-va.2rosenthals.com ([50.73.8.217]:48529 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.2) (envelope-from ) id 1wONNJ-000000001VL-1Ig9 for ecs-isp@2rosenthals.com; Sat, 16 May 2026 18:20:49 -0400 Received: from mta-202b.earthlink-vadesecure.net ([51.81.232.241]:60821 helo=mta-202a.earthlink-vadesecure.net) by mail2.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.98.2) (envelope-from ) id 1wONNG-000000003Sf-1dkg for ecs-isp@2rosenthals.com; Sat, 16 May 2026 18:20:46 -0400 DKIM-Signature: v=1; a=rsa-sha256; bh=iuGWGYHuMykL6m8zjv6NTuUtcL93uPGjDS5V7Q doa6s=; c=relaxed/relaxed; d=earthlink.net; h=from:reply-to:subject: date:to:cc:resent-date:resent-from:resent-to:resent-cc:in-reply-to: references:list-id:list-help:list-unsubscribe:list-unsubscribe-post: list-subscribe:list-post:list-owner:list-archive; q=dns/txt; s=dk12062016; t=1778970045; x=1779574845; b=CJUsQdhin4SYpxhP9bCq0WLowt6 K+vLpxYTEiRqS+gHZJE/Tfy9DXGG4YfH4lS+1zYrdQivKd4ijSIJEuU50C9K1q5PsOMWtZd 1MgwnjNHBt9Jielxt7Jt/A1ZURQ8q0c+0tkLSQCfM0G7tWYcmMB28qhx62DDRvTAzk/bIsS vWiWIqd66S6rX8Qm0eQHvYOiqohJJh29b+UHec/eM8iSJocPTv8eBbGDl1zojgFA2huqoSX TEuJV6KVN/OkWD7py5IwbIinaL5p0t/nGIoHuvF2FjQWkeD40hDuDc7ugsF4PHJo0bsWDzK K69RSR+USISp2cyevIIGqJda8F37UjA== Received: from slamain ([107.202.224.188]) by vsel2nmtao02p.internal.vadesecure.com with ngmta id ae266d34-18b02bd4a04031a5; Sat, 16 May 2026 22:20:45 +0000 Message-ID: <6a08ec0f.4.mr2ice.fgrirsq@earthlink.net> Date: Sat, 16 May 2026 15:13:35 -0700 To: "eCS ISP Mailing List" In-Reply-To: Subject: Re: [eCS-ISP] SSL cert lifetime X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v3.00.11.24/60 In , on 05/16/26 at 05:28 PM, "Lewis G Rosenthal" said: Hi, >Much as I hate to admit it, other than the 17 days, the convenience of >having a script do the cert updates from LE would be a tie-breaker - >though I am still uneasy about LE (less so after this much time, I >guess). I scripted a solution for Dan's OS/2 servers and it works well. >This short lifespan is a killer for all commercial CAs, as that has been >their main attraction since LE went sort of mainstream (10 years ago, >they started with 90-day certs, and that was a PITA vs 2-year certs; now >all lifespans have shortened, but 17 days is probably not worth the >cost). With a scripted solution, the cert lifetime is pretty much irrelevant. I suspect there will always be a place for commerical CAs. What we think of as easy is often not so much for the rest of the user base. Dan has a couple of dual homed servers which is something that LE does not handle out of the box. For some a cert from a commercial CA would be as easier solution. Steven -- ---------------------------------------------------------------------- "Steven Levine" Warp/DIY/BlueLion etc. www.scoug.com www.arcanoae.com www.warpcave.com ----------------------------------------------------------------------