Blame
Date:
Mon Jan 23 05:00:25 2023 UTC
Message:
Daily backup
01
2023-01-22
jrmu
version=pmwiki-2.2.130 ordered=1 urlencoded=1
02
2023-01-22
jrmu
agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
03
2023-01-22
jrmu
author=baytuch
04
2023-01-22
jrmu
charset=UTF-8
05
2023-01-22
jrmu
csum=
06
2023-01-22
jrmu
ctime=1659597723
07
2023-01-22
jrmu
host=2001:bc8:1830:1533::2
08
2023-01-22
jrmu
name=Orange.CertsReissue
09
2023-01-22
jrmu
rev=5
10
2023-01-22
jrmu
targets=
11
2023-01-22
jrmu
text=This document describes the solution to automatically generate certificates Let’s Encrypt. In this case, we will use an intermediate certificate, previously downloaded from the repository.%0a%0a'''Create a dir with Let’s Encrypt certs:'''%0a[@%0adoas mkdir /etc/ssl/letsencrypt%0adoas wget https://letsencrypt.org/certs/isrgrootx1.pem -O /etc/ssl/letsencrypt/ISRG_X1.pem%0adoas wget https://letsencrypt.org/certs/lets-encrypt-r3.pem -O /etc/ssl/letsencrypt/R3.pem%0a@]%0a%0aLet’s Encrypt R3 cert expired date - Sep 15 16:00:00 2025 GMT \\%0aISRG Root X1 cert expired date - Jun 4 11:04:38 2035 GMT%0a%0a'''Creation of folders tree to store a certificate:'''%0a[@%0adoas mkdir /etc/ssl/example.net%0adoas mkdir /etc/ssl/example.net/private%0adoas chmod 700 /etc/ssl/example.net/private%0a@]%0a%0a'''Adding a section with settings to acme client:'''%0a[@%0adomain example.net {%0a alternative names { www.example.net }%0a domain key "/etc/ssl/example.net/private/example.key"%0a domain certificate "/etc/ssl/example.net/example.crt"%0a sign with letsencrypt%0a challengedir "/var/www/acme"%0a}%0a@]%0a%0a'''Certificate reissue script:'''%0a[@%0a#!/bin/sh%0a%0aacme-client -Fv example.net || exit 1%0a%0a# RelayD%0acat /etc/ssl/example.net/private/example.key > /etc/ssl/private/example.net.key%0acat /etc/ssl/example.net/example.crt > /etc/ssl/example.net.crt%0acat /etc/ssl/letsencrypt/R3.pem >> /etc/ssl/example.net.crt%0achown root:wheel /etc/ssl/private/example.net.key%0achown root:wheel /etc/ssl/example.net.crt%0achmod 400 /etc/ssl/private/example.net.key%0a%0arcctl -d reload relayd%0a@]%0a%0a'''Record about the task in crontab:'''%0a[@%0a10 1 1 * * /usr/local/libexec/orange/certs_reissue.sh >/dev/null 2>&1%0a@]
12
2023-01-22
jrmu
time=1659936917
13
2023-01-22
jrmu
author:1659936917=baytuch
14
2023-01-22
jrmu
diff:1659936917:1659892574:=46,50d45%0a%3c @]%0a%3c %0a%3c '''Record about the task in crontab:'''%0a%3c [@%0a%3c 10 1 1 * * /usr/local/libexec/orange/certs_reissue.sh >/dev/null 2>&1%0a
15
2023-01-22
jrmu
host:1659936917=2001:bc8:1830:1533::2
16
2023-01-22
jrmu
author:1659892574=baytuch
17
2023-01-22
jrmu
diff:1659892574:1659687218:=30,46d29%0a%3c %0a%3c '''Certificate reissue script:'''%0a%3c [@%0a%3c #!/bin/sh%0a%3c %0a%3c acme-client -Fv example.net || exit 1%0a%3c %0a%3c # RelayD%0a%3c cat /etc/ssl/example.net/private/example.key > /etc/ssl/private/example.net.key%0a%3c cat /etc/ssl/example.net/example.crt > /etc/ssl/example.net.crt%0a%3c cat /etc/ssl/letsencrypt/R3.pem >> /etc/ssl/example.net.crt%0a%3c chown root:wheel /etc/ssl/private/example.net.key%0a%3c chown root:wheel /etc/ssl/example.net.crt%0a%3c chmod 400 /etc/ssl/private/example.net.key%0a%3c %0a%3c rcctl -d reload relayd%0a%3c @]%0a\ No newline at end of file%0a
18
2023-01-22
jrmu
host:1659892574=2001:bc8:1830:1533::2
19
2023-01-22
jrmu
author:1659687218=baytuch
20
2023-01-22
jrmu
diff:1659687218:1659612337:=18,28d17%0a%3c @]%0a%3c %0a%3c '''Adding a section with settings to acme client:'''%0a%3c [@%0a%3c domain example.net {%0a%3c alternative names { www.example.net }%0a%3c domain key "/etc/ssl/example.net/private/example.key"%0a%3c domain certificate "/etc/ssl/example.net/example.crt"%0a%3c sign with letsencrypt%0a%3c challengedir "/var/www/acme"%0a%3c }%0a
21
2023-01-22
jrmu
host:1659687218=2001:bc8:1830:1533::2
22
2023-01-22
jrmu
author:1659612337=baytuch
23
2023-01-22
jrmu
diff:1659612337:1659597723:=8,18c8%0a%3c @]%0a%3c %0a%3c Let’s Encrypt R3 cert expired date - Sep 15 16:00:00 2025 GMT \\%0a%3c ISRG Root X1 cert expired date - Jun 4 11:04:38 2035 GMT%0a%3c %0a%3c '''Creation of folders tree to store a certificate:'''%0a%3c [@%0a%3c doas mkdir /etc/ssl/example.net%0a%3c doas mkdir /etc/ssl/example.net/private%0a%3c doas chmod 700 /etc/ssl/example.net/private%0a%3c @]%0a---%0a> @]%0a\ No newline at end of file%0a
24
2023-01-22
jrmu
host:1659612337=2001:bc8:1830:1533::2
25
2023-01-22
jrmu
author:1659597723=baytuch
26
2023-01-22
jrmu
diff:1659597723:1659597723:=1,8d0%0a%3c This document describes the solution to automatically generate certificates Let’s Encrypt. In this case, we will use an intermediate certificate, previously downloaded from the repository.%0a%3c %0a%3c '''Create a dir with Let’s Encrypt certs:'''%0a%3c [@%0a%3c doas mkdir /etc/ssl/letsencrypt%0a%3c doas wget https://letsencrypt.org/certs/isrgrootx1.pem -O /etc/ssl/letsencrypt/ISRG_X1.pem%0a%3c doas wget https://letsencrypt.org/certs/lets-encrypt-r3.pem -O /etc/ssl/letsencrypt/R3.pem%0a%3c @]%0a\ No newline at end of file%0a
27
2023-01-22
jrmu
host:1659597723=2001:bc8:1830:1533::2
IRCNow