Hi Carlo,
Thanks for fixing the Cc: addresses. I should not have included the bug
filing address in my reply.
On Sun, Apr 14 2024, Carlo Zancanaro wrote:
> We could avoid generating unnecessary self-signed certificates by first
> checking if we already have certificates from certbot, and creati
Apologies for the line breaks my earlier email. I'm not entirely sure
what happened, but hopefully they'll come through properly this time.
On Fri, Apr 12 2024, Felix Lechner wrote:
> To my surprise OpenSSL, which I saw in proced, generated a lot of
> certificates in /etc/certs. I am talking abou
Hi Felix,
On Fri, Apr 12 2024, Felix Lechner wrote:
To my surprise OpenSSL, which I saw in proced, generated a lot
of certificates in /etc/certs. I am talking about pages and
pages of asterisk, plusses, and dots for a system with twenty or
so certificates. Is it possible that they were gene
Hi Clément,
On Tue, Jan 30 2024, Clément Lassieur wrote:
> Carlo's solution allows to have a working nginx even when certbot
> fails.
I just upgraded a server to the latest Guix version, which I think
includes a version of this patch.
To my surprise OpenSSL, which I saw in proced, generated a l
I sympathize with your approach (I, too, have been supplementing
Certbot with self-signed certs for some time).
What would also be cool is not to have `certbot-service-type` depend on
`nginx-service-type` in the first place. So that one can more easily
use another HTTP server. It can of course b
Hi Felix,
On Tue, Jan 30 2024, Felix Lechner wrote:
On Tue, Jan 30 2024, Carlo Zancanaro wrote:
certbot can't produce certificates without a functional nginx
Yes, it can. The option is called --standalone. [1]
You are correct, of course. If I had been more precise I would
have said "with o
On Tue, Jan 30 2024, Felix Lechner via Bug reports for GNU Guix wrote:
> Hi Carlo,
>
> On Tue, Jan 30 2024, Carlo Zancanaro wrote:
>
>> certbot can't produce certificates without a functional nginx
>
> Yes, it can. The option is called --standalone. [1]
>
> Maybe another way to bootstrap the certi
Hi Carlo,
On Tue, Jan 30 2024, Carlo Zancanaro wrote:
> certbot can't produce certificates without a functional nginx
Yes, it can. The option is called --standalone. [1]
Maybe another way to bootstrap the certificates would be to hold off on
starting Nginx or Apache until all certificates are o
Hi Guix,
This patch series is a few changes to make certbot default to doing
"the right thing" in the common case of wanting certificates for an
nginx web server.
The initial change (in v1 of these patches) was to solve the certbot
bootstrapping problem. Nginx won't start without valid certificat
