<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class="">Not even going offtopic since Gophernicus - The Most Awesome(tm) gopher server \o/ - actually supports TLS and the only existing TLS-enabled gopher server (<a href="gophers://gophernicus.org:7070/" class="">gophers://gophernicus.org:7070/</a>) runs on a free Let's Encrypt certificate.</div><div class=""><br class=""></div><div class="">I was really against the whole thing until start of this year when my existing certs were due to renewal. So being slightly autistic I wrote down the steps to renew a cert between the traditional way vs. up and coming Let's Encrypt that I hated. </div><div class=""><br class=""></div><div class="">That was not even a competition... and yes, it's fully scritable - I've got a simple bash script running form /etc/cron.monthly/ to renew the cert every two months (they're valid for three). As long as Let's Encrypt is operational I never ever have to do anything to renew. Nada.</div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">- Kim</div><div class=""><br class=""></div><br class=""><div><blockquote type="cite" class=""><div class="">On 16 Sep 2017, at 19:08, Mr. Leveck <<a href="mailto:leveck@leveck.us" class="">leveck@leveck.us</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">
<meta http-equiv="content-type" content="text/html; charset=UTF-8" class="">
<div class="">
I have looked at Let's Encrypt in the past. There is quite a bit of smack talk floating around vis-a-vis this service particularly because it is free. Every single free cert I have seen in the last 20 years eventually shut down due to misuse by idiots. I guess I'll grab one while it is still around...<br class=""><br class="">Is renewing the LE cert scriptable or is this just something that will need a calendar entry and a reminder?<br class=""><br class="">
--
<br class="">Leveck<br class=""><br class="">16. Sep 2017 02:38 by <a href="mailto:irl@fsfe.org" target="_blank" rel="noopener noreferrer" class="">irl@fsfe.org</a>:<br class=""><br class=""><blockquote class="tutanota_quote" style="border-left: 1px solid #93A3B8; padding-left: 10px; margin-left: 5px;">Hi,<br class=""><br class="">On 16/09/17 05:47, Stephen Kellat wrote:<blockquote class="">RFC 4217 comes to mind at this point & I wonder if <a href="http://letsencrypt.org" class="">letsencrypt.org</a> supports that perchance.</blockquote><br class="">By putting some records into the DNS, yes it is possible to have a cert<br class="">issued for a domain name that will then work for any service, including<br class="">FTPS or even some form of Gopher/TLS if such a thing exists.<br class=""><br class="">Personally I've used the certs for mail servers, FTP servers, XMPP<br class="">servers as well as many many web servers.<br class=""><br class="">Thanks,<br class="">Iain.<br class=""><br class="">_______________________________________________<br class="">Gopher-Project mailing list<br class=""><a href="mailto:Gopher-Project@lists.alioth.debian.org" target="_blank" rel="noopener noreferrer" class="">Gopher-Project@lists.alioth.debian.org</a><br class=""><a href="http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/gopher-project" target="_blank" rel="noopener noreferrer" class="">http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/gopher-project</a></blockquote> </div>
_______________________________________________<br class="">Gopher-Project mailing list<br class=""><a href="mailto:Gopher-Project@lists.alioth.debian.org" class="">Gopher-Project@lists.alioth.debian.org</a><br class="">http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/gopher-project</div></blockquote></div><br class=""></body></html>