| De: |
"Steven Levine" <ecs-isp@2rosenthals.com> |
En-têtes complèts
Message brut |
| Sujet: |
Re: [eCS-ISP] HTTPS-Misery |
| Date: |
Mon, 07 Oct 2024 13:17:44 -0800 |
| À: |
"eCS ISP Mailing List" <ecs-isp@2rosenthals.com> |
|
|---|
In <list-11070676@2rosenthals.com>, on 10/07/24
at 09:58 PM, "Massimo S." <ecs-isp@2rosenthals.com> said:
Hi Massimo,
>i've seen the script, it's quite complicated
Complicated is in the mind of the beholder. I find your method overly
complicated because every change requires a change to each per domain
script. I write generic, self-adapting code when possible. In this case
one script that handles all the domains. If the script requires changes,
the change will apply to all domains handled by the script.
>please could you post a call?
>a script that calls for a renewal of a certificate
>an example
Did you ignore the example at line 5 of the script?
Typical usage is
uacme -v -h uacme-hook.cmd issue example.com
Certificate backups are handled by another (IMO generic) solution.
cd \etc\ssl\uacme
rsync_to_bkup -i ts
which creates a timestamped \etc\ssl\uacme-yyyy-mm-dd-hh-mm-ss directory
and does an rsync of the content of \etc\ssl\uacme. There's a minor
downside to this method. Every 6 months or so, we need to run a script to
prune the stale backup directories. The upside is if a problem is not
discovered for several months, there's a good chance that copies of the
archived files are there if needed.
Steven
--
----------------------------------------------------------------------
"Steven Levine" <steve53@earthlink.net> Warp/DIY/BlueLion etc.
www.scoug.com www.arcanoae.com www.warpcave.com
----------------------------------------------------------------------
|