[BlueOnyx:25486] Re: Lets Encrypt cert renewal and Website Redirect

[Ken Hohhof]

It seems service providers on this list spend a lot of time tinkering with Lets Encrypt to keep it working.  Out of curiosity, what is the reason not to just tell your customers to buy a cert from a certificate authority (one that actually charges money)?  Yes, I realize certs expire, but on the timeframe of years, not months.  Also the webhost doesn’t have to send emails, hope they work, etc.  The customer give you the keys, you install them on the server.

 

I’m not arguing for one approach or the other, just want to know the reasoning behind incurring what is apparently a lot of trouble.

 

From: Blueonyx <blueonyx-bounces at mail.blueonyx.it> On Behalf Of Tobias Gablunsky
Sent: Thursday, June 30, 2022 11:19 AM
To: BlueOnyx General Mailing List <blueonyx at mail.blueonyx.it>
Subject: [BlueOnyx:25485] Lets Encrypt cert renewal and Website Redirect

 

Hi there,

 

how do you proceed to renew lets encrypt certificates for websites that are permanent redirects only? Because automatic renewal doesn't work - the requests from lets encrypt for their files under ".wellknown/..." are forwarded as every other request.

 

So I always deactivate the forwarding, renew the cert manually and re-activate it afterwards. But that's not how it's meant to be, is it?

 

>From my point of view, this task has to be integrated into BlueOnyx: deactivate redirect -> renew certificate -> reactivate redirect. Don't you think so?

 

Regards,
Tobias

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20220630/3f229d82/attachment.html>