Let's Encrypt for Internal Servers

documentation

(Michel-André) #1

Hi all,

On page: https://wiki.nethserver.org/doku.php?id=userguide:let_s_encrypt_for_internal_servers

Will it be possible to add the –test with a little explanation so people won’t get their 5/7 limit whith Let’s Encrypt.

Also, add a note about rebooting the server after the configuration and before asking the certificate as rebooting will destroy the exportation of the Global API key ( CF_Key) and email address ( CF_Email). That is the reason I got the limit :blush:

Thank you Dan for that great wiki page on Let’s Encrypt for internal NethServer

Michel-André


(HF) #2

@michelandre, would you be able to adjust the page as a start? Refinement can be done by all. Most important is that it is mentioned to start with. Good catch!

TIA


(Dan) #3

It’s a wiki page, so anyone can edit it, but I’d agree that discussion of --test would be useful. However,

this doesn’t make much sense. If you rebooted between setting the key/email and running the acme.sh command (seriously, why?), validation would fail. And there is a rate limit for failed validations, but it resets after an hour. The only rate limit that’s on a seven-day cycle is the “identical certs” rate limit–you can’t issue more than five identical certs within a seven-day period.


(Michel-André) #4

Hi danb35,

You are right. It was the failed validation limit that I reached. I didn’t know it resets after an hour.

Michel-André