is a self signed certificate always invalid the first time
Joseph Tam
jtam.home at gmail.com
Fri Aug 18 10:24:39 EEST 2017
Michael Felt <michael at felt.demon.nl> writes:
>> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is
>> written in pure shell script, so no python dependencies.
>> https://github.com/Neilpang/acme.sh
>
> Thanks - I might look at that, but as Ralph mentions in his reply -
> Let's encrypt certs are only for three months - never ending circus.
I wouldn't characterize it as a circus. Once you bootstrap your first
certificate and install the cert-renew cron script, it's not something
you have to pay a lot of attention to. I have a few LE certs in use,
and I don't think about it anymore: it just works.
The shorter cert lifetime also helps limit damage if your certificate
gets compromised.
Joseph Tam <jtam.home at gmail.com>
More information about the dovecot
mailing list