by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Nick Janetakis
    @nickjanetakis_twitter
    so i did what your readme said and set the sleep to 900
    but when the record was saved, it used a 7200 TTL
    however with DO's API , i set the sleep to 120 and it set the TTL to 120
    i wonder why namesilo set such a high TTL
    Georg
    @teadur
    TTL is always tradeoff of load against your nameserver vs how fast clients requery
    so having higher ttl means less load to your nameservers
    in some enormouse scale it could make a whole lot of difference
    Nick Janetakis
    @nickjanetakis_twitter
    yeah but i mean acme.sh set a 120 TTL when using digitalocean's API
    for the TXT challenge
    but for namesilo it set a 7200 TTL with a 900 sleep
    Georg
    @teadur
    were the SOA entries for zones identical ?
    Nick Janetakis
    @nickjanetakis_twitter
    looking at the source code, you hardcode a TTL 120 for digitalocean
    but for namesilo you don't set a TTL when making the api call
    Georg
    @teadur
    i didnot write acme.sh :)
    Nick Janetakis
    @nickjanetakis_twitter
    oh oops haha
    Georg
    @teadur
    im just a user like you
    Nick Janetakis
    @nickjanetakis_twitter
    thanks for the help btw
    Georg
    @teadur
    np
    Nick Janetakis
    @nickjanetakis_twitter
    it does seem to be a case where the namesilo api never sets rrttl (the field used by namesilo's api for setting the ttl)
    in acme.sh's codebase i mean
    aaronstuder
    @aaronstuder
    Hello
    Is there a way to use acme.sh fully automated within a script?
    Matt Deering
    @mattgphoto
    Hey guys, having a heck of a time trying to figure out how to do this with gcloud dns, do I need to edit the dns_gcloud.sh file?
    Matt Deering
    @mattgphoto
    gcloud init for instance, doesn't work on a synology :-D
    Matt Deering
    @mattgphoto
    Ah well, I tried everything I could. With no support, can't use your script. Take care!
    kingdevnl
    @kingdevnl
    Heyo, is letsencrypt down?
    John Losito
    @jlosito
    Hello. Does anyone know if there’s a way to install the client without it automatically setting a cron job?
    John Losito
    @jlosito
    Nevermind. I found it. There’s an option for it. —nocron
    John Losito
    @jlosito
    Is there any way upon installation to not create the aliases?
    michealkd
    @michealkd
    hi there, new to acme.sh - think its awesome as i saved me time creating 2 wildcards.
    i run the docker container from docker-hub, question, does Neils container support custom cron parameters, for instance storing a custom --reloadcmd then issuing it after renewals
    cliff v
    @powerdude
    hi. QQ about Synology NAS use. can you use this script to configure SANs with your domain cert? In the UI, you can specify a 'xxxx.synology.me' SAN so that you just need one cert. would the "-d" option work for this?
    Haelwenn Monnier
    @lanodan
    Hi, is there a way to disable the Dns Over {TLS,HTTP}? It's been broken for me and TTL based is fine for me as I'm self-hosted.
    neil
    @Neilpang
    @lanodan Sorry for the problem. you can use --dnssleep 200 to sleep 200 sconds before the dns records propagate, which will disable the auto DNS over HTTPS checkings.
    Haelwenn Monnier
    @lanodan
    Thanks it worked.
    neil
    @Neilpang
    @lanodan please try the latest dev branch without --dnssleep, it should be working now.
    Mariano Rodríguez
    @MarianoRD
    Hello everyone, I'm having an issue when I try to create a certificate with 'dns_dgon' it supposedly creates the TXT record, but then tries to find it in CloudFlare
    donnib
    @donnib
    hi
    can i use the docker image to run acme.sh and then get access to the cert outside the docker image thru a volume ?
    if so which folder do i mount ?
    donnib
    @donnib
    never mind, i found the wiki explaining it :)
    michealkd
    @michealkd
    Yes you can.
    wurzelpanzer
    @wurzelpanzer
    Hi, i created a dnsapi for easyDNS. I want to contribute it to the community. So I followed almost all the steps in the dev guide. Few questions: how can i edit a wiki entry? How do I upload my file? Thanks;
    wurzelpanzer
    @wurzelpanzer
    I just got it on my own.
    Adrian
    @adrianpkr_gitlab
    Doesn't the --reloadcmd flag imply that acme.sh runs as root? I wouldn't expect a regular user to be able to execute that request.
    Moviuro
    @moviuro
    Hi all! Why would /usr/local/sbin/acme.sh --ecc --renew --ocsp -d try.popho.be --dns dns_ovh --cert-file /usr/local/etc/ssl/try.popho.be/try.popho.be.cer --key-file /usr/local/etc/ssl/try.popho.be/try.popho.be.key --fullchain-file /usr/local/etc/ssl/try.popho.be/fullchain.cer NOT put the new files in place in the /usr/local/etc/ssl/try.popho.be/ dir?
    The log file at /root/.acme.sh/acme.sh.log does NOT mention that directory anywhere; and acme.sh proudly said "Your cert is in /root/.acme.sh/try.popho.be_ecc/try.popho.be.cer", which is clearly not what I expect
    Carl Dong
    @dongcarl
    Any way to change the --reloadcmd after I have installed the cert?
    isshwar
    @isshwar
    Hi All, I would like to know if i am doing something wrong. I am tried to generate certificates for multiple domains as below
    acme.sh --renew --staging --force --dns dns_acmedns -d test1.pageplace.de --dns dns_acmedns -d test2.pageplace.de
    but this is generating/renewing certificates only for the first domain test1.pageplace.de and ignoring the second domain test2.pageplace.de. Is there anything wrong with what i am doing?
    Also, on the same vm i have 6 domains running behind apache. Now on the account.conf file, I have only the below config. How do i extend it to all my 6 domains on the vm.
    SAVED_ACMEDNS_UPDATE_URL=''
    SAVED_ACMEDNS_USERNAME=''
    SAVED_ACMEDNS_PASSWORD=''
    SAVED_ACMEDNS_SUBDOMAIN=''
    Erik Hennerfors
    @gonace

    Hi, is there a way to get the LE TOKEN in one of the hooks? I'm looking at a solution for uploading a token to a database that will and an .NET MVC application reads the correct token depending on what domain is used for accessing /.well-known/acme-challenge

    I'm working on a system that auses custom domains that we do not have any controll over, so we'd like to provide letsencrypt cerificates for a wide range of domains.