Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Steal my cash, car and TV - but leave the computer! -- Soenke Lange <soenke@escher.north.de>


computers / rocksolid.shared.linux / nginx and letsencrypt

SubjectAuthor
o nginx and letsencryptRetro Guy

1
nginx and letsencrypt

<3e009e785256376aac2bfce570c04235$1@www.novabbs.com>

 copy mid   Newsgroups: rocksolid.shared.linux
Path: i2pn2.org!.POSTED!not-for-mail
From: retro....@rocksolidbbs.com (Retro Guy)
Newsgroups: rocksolid.shared.linux
Subject: nginx and letsencrypt
Date: Sat, 3 Oct 2020 12:05:34 +0000
Organization: novaBBS
Message-ID: <3e009e785256376aac2bfce570c04235$1@www.novabbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1";
logging-data="16753"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs
X-Rslight-Site: $2y$10$L5iGmNzg6HQQlBhXw5P0IOOSQRAMeQWEC1cj7OTukHzJJdHbUs1Sa
 by: Retro Guy - Sat, 3 Oct 2020 12:05 UTC

I noticed something a few days ago when visiting one of my sites and my browser
said the cert was expired.

I checked the cert with certbot, which said it was not expired (recently
renewed). Then checked remotely with openssl, which said it's expired. I
verified that nginx was configured properly to use the correct cert, then
finally restarted nginx, which solved the issue.

So I'm assuming that nginx reloads the cert at some interval, but not each
connection (which makes sense). The cert had expired within a few hours of me
getting the expired message, but had already been renewed. I've never noticed
this with my sites since I probably haven't just happened to visit at just the
right time.

Anyone else noticed this, or know how often nginx checks the cert?

Retro Guy

--
Posted on: novaBBS
www.novabbs.com

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor