[Systems] Fwd: Cron <root at freedom> test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )

Samuel Cantero scanterog at gmail.com
Mon Feb 29 14:04:02 EST 2016

Previous message: [Systems] Cron <root at freedom> test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
Next message: [Systems] Letsencrypt
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

I was testing our access to the .well-known/acme-challenge directory for
www.slo and nagios.slo. LE must have access to this directory in order to
validate the domain with a set of challenges (in this case provisioning an
HTTP resource under this URI). This access wasn't working. I fixed it for
http and https. Now, we are also forcing https for all pages except
domain/.well/known-challenge. It was forcing https for all pages.

In addition, sometime ago we defined in nginx the same directory for the
acme-challenge for both domains but we forgot to set the same webroot in
the LE config file for each domain. I also fixed this.

I tested all this config with the nagios domain and the certificate was
renewed successfully. I also changed in the renewal script the renewal
time. We defined to renew the SSL certificate 15 days before the expiration
day. I changed this to 30 in order to validate the process with the www.slo
domain in 3 days. www.slo certificate was issued on January 3 and is going
to expire on April 2.

Best regards,

Samuel C.

On Fri, Feb 26, 2016 at 10:56 PM, Bernie Innocenti <bernie at codewiz.org>
wrote:

> Sam, could you make the renew-certs-le not produce any output when
> everything goes well and only nag if we need to fix something?
>
> -------- Forwarded Message --------
> Subject: Cron <root at freedom> test -x /usr/sbin/anacron || ( cd / &&
> run-parts --report /etc/cron.daily )
> Date: Fri, 26 Feb 2016 08:00:07 -0500 (EST)
> From: Cron Daemon <root at freedom.sugarlabs.org>
> To: root at freedom.sugarlabs.org
>
> /etc/cron.daily/renew-certs-le:
> The certificate for nagios.sugarlabs.org is up to date, no need for
> renewal (36 days left for renewal).
> The certificate for sugarlabs.org is up to date, no need for renewal (36
> days left for renewal).
> /etc/cron.daily/wizbackup:
> 1456488867:lightwave.sugarlabs.org:0:255
> run-parts: /etc/cron.daily/wizbackup exited with return code 1
>
>
> _______________________________________________
> Systems mailing list
> Systems at lists.sugarlabs.org
> http://lists.sugarlabs.org/listinfo/systems
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sugarlabs.org/archive/systems/attachments/20160229/892d1e8f/attachment.html>

Previous message: [Systems] Cron <root at freedom> test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
Next message: [Systems] Letsencrypt
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Systems mailing list