Let's Encrypt Ending Support for Expiration Notification Emails
-
I use uptime kuma to check my certificate isn't going to expire.
Also tells me if any of my services are down.
-
Using nginx with certbot and duck DNS and I ended up using the manual option with a authentication, clean up, and post bash scripts and then final script that I called from chron job that called the scripts every three months.
Just from a beginning user of let's encrypt, and while a software developer I'm not versed in backend development, and I found the documentation to be a bit hit or miss, understandable with a plethora of open source projects. Using certbot, because that's the rabbit hole let's encrypt first send you down, the documentation while available isn't easy to navigate in my opinion and it took me a while to track down the variables used to pass down the text and the bulk examples found were all using http-01.
I just think that if your not someone with a background in tech, just wanting to get a server to and running with ssl following a bunch of other tutorials and guides, it could be a bit better to get adoption.
-
do you not automate the renewal of your certificates?
the only time I've ever gotten the expiring cert emails is after i decommission a service that had certificates and no longer renew it.
-
It's not just figuring out the automation. If they don't have a plug-in for your DNS provider, and you need a wild card, that automation gets kind of dicey.
-
They don't support my DNS provider and they don't support my web server.
Automated the web server isn't very hard automated the DNS providers are royal pain in the ass.
-
Uptime kuma's pretty nice for such a light duty package
-
Can't speak for OP but they can't seem automate my network solutions DNS through plugins.
I don't know why in the hell they are such sticklers about wild card domains. Just let me off it on any working domain, hell, force me to author on this is my wildcard.Mydomain.com. the DNS authorization is an unnecessary
-
And DNS is the only one available for wild card and unless you're using a plug-in capable DNS service, They suck at it.
-
Novel concept, how about they let me pay them to remind me.
-
Agreed.
For us the mitigation is to do a little monitoring with alerts set to start casually at 29 days out and enter critical 13 days out (out from expiry).
-
I'll end up with a nagios alarm with an x509 check
-
I mean that's just another item in the long list of reasons you should not be using Network Solutions.
-
You're not wrong, but they don't support quite a lot.
-
Yup it's great
-
If it was actually code that isn't the correct behavior. Code doesn't line wrap, because line breaks mean something in most languages, so introducing virtual line breaks causes confusion.
-
Is that mostly for ISPs running CGNAT?
