Cert renewal for forum.sailfishos.org

peterleinchen · 3 August 2020 07:55

On Saturday 08/01/2020 there was an outage of the forum.
Most probably due to the delayed renewal of the certificate from letsencrypt.org:

What is the lifetime for Let’s Encrypt certificates? For how long are they valid?Our certificates are valid for 90 days. You can read about why here.There is no way to adjust this, there are no exceptions. We recommend automatically renewing your certificates every 60 days.

Following above link also tells:

We recommend that subscribers renew every sixty days. Once automated renewal tools are widely deployed and working well, we may consider even shorter lifetimes.

So, question: will we have to expect these outages now every 90 days?
Or are you planning a shorter renewal period or automation?

P.S.; thanks for taking care if this on a Saturday.

juiceme · 3 August 2020 13:58

There is this small annoyance in renewing letsencrypt certs which bites at least me; the renewal by certbot needs http access to be enabled to work

I have disabled port 80 forwarding on frontend router because I serve only https, hence autorenew doesn’t work unless I manually enable http forwarding.

I have to remember to do manual renew about every two months or so.

santhoshmanikandan · 3 August 2020 15:48

This is how we handle. We have Nginix in the path and all requests to 80 port other than ACME challenge path is redirected to https.

szopin · 3 August 2020 15:50

this and some extra chars

juiceme · 4 August 2020 12:53

Yes, this is one way to do it, and could be I’ll have to resort to that in the end.