[BlueOnyx:22118] Re: update certbot (letsencrypt) for punycode domains?
Michael Stauber
mstauber at blueonyx.it
Sat May 26 15:56:13 -05 2018
Hi Christoph,
> is there any special reason why BlueOnyx uses a pretty old version of
> certbot (0.9.1) for letsencrypt?
Both /usr/sausalito/letsencrypt/certbot-auto and
/usr/sausalito/letsencrypt/letsencrypt-auto have the ability to
auto-upgrade and they will in fact do auto-updates every time you run
them. Unless you tell them not to.
The GUI uses /usr/sausalito/letsencrypt/letsencrypt-auto with the
--no-self-upgrade switch, which prevents these updates.
The reason is that I don't trust LE not to change the API around during
updates or breaking things that previously used to work. There was a
time when they suddenly introduced new dependencies during an update
without making sure these dependencies could actually be matched by YUM
on an EL6 box.
That's why I'm playing it pretty conservative here. If it ain't broken,
then we don't need to update certbot.
> I would like to use letsencrypt for a punycode-domain (with an ä) on my
> blueonyx server, but that needs a version of certbot higher than 0.9.2
> (current version is 0.10.2)
You can't use umlauts directly in Vsite names and have to enter the name
in puny-code to begin with, right? I wasn't aware that there was a
problem with LE certs and punycode domain names, though.
> Is there a chance to see an update for 5209R in the very near future?
I didn't have that planned, but it's doable. In the meantime you can
simply execute these two commands directly as "root" via the shell:
/usr/sausalito/letsencrypt/letsencrypt-auto
/usr/sausalito/letsencrypt/certbot-auto
That will call "letsencrypt-auto" and "certbot-auto" directly and will
let them do their raindance for updates.
I just did that on a 5209R and it now reports this:
#> /usr/sausalito/letsencrypt/letsencrypt-auto --version
certbot 0.24.0
#> /usr/sausalito/letsencrypt/certbot-auto --version
certbot 0.24.0
>From what I gather 0.24.0 is the latest version.
See: https://github.com/certbot/certbot/releases
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list