Hello,

in the ExecStart I use also "--agree-tos"

Instead of --post-hook, maybe --deploy-hook it's better

I usually put my scripts in the folder /etc/letsencrypt/renewal-hooks/deploy/ instead of use --deploy-hook

Andrea

Il 10/01/19 09:14, Aki Tuomi ha scritto:

Would be better if it would happen automatically though.

Aki

On 10.1.2019 10.04, Filipe Carvalho wrote:

Yup, that did the trick.

Thanks!

Filipe

On 1/10/19 7:47 AM, Aki Tuomi wrote:

On 10.1.2019 9.42, Filipe Carvalho wrote:

Hello,

Not sure if this is the right place to post this, but the ssl certificate of the repo.dovecot.org server expired on the 9th of January.

It's giving an error via the browser and via the apt command in Debian:

W: Failed to fetch https://repo.dovecot.org/ce-2.3-latest/debian/jessie/dists/jessie/main/binary-amd64/Packages server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none

Cheers!

Filipe Carvalho

--

Filipe Carvalho

Infraestruturas Tecnológicas / IT infrastructures

filipec@uporto.pt

Amazing this certbot thing...

[Unit]
Description=Certbot
Documentation=file:///usr/share/doc/python-certbot-doc/html/index.html
Documentation=https://letsencrypt.readthedocs.io/en/latest/
[Service]
Type=oneshot
ExecStart=/usr/bin/certbot -q renew --post-hook /etc/letsencrypt/post.hooks.d/reload
PrivateTmp=true

one would think this would work and reload nginx after the cert has been renewed...

Aki

-- 
----------------------------------------------------------------
What's right isn't always popular, what's popular isn't always right.

----------------------------------------------------------------

Ing. Andrea Gabellini
Email: andrea.gabellini@telecomitalia.sm
Skype: andreagabellini
Tel: (+378) 0549 886111
Fax: (+378) 0549 886188

Telecom Italia San Marino S.p.A.
Via XXVIII Luglio, 212 - Piano -2
47893 Borgo Maggiore
Republic of San Marino

http://www.telecomitalia.sm