is a self signed certificate always invalid the first time

KT Walrus kevin at my.walr.us
Sun Aug 20 16:53:26 EEST 2017


> On Aug 20, 2017, at 3:20 AM, Felix Zielcke <fzielcke at z-51.de> wrote:
> 
> Am Samstag, den 19.08.2017, 21:39 -0400 schrieb KT Walrus:
>> 
>> I use DNS verification for LE certs. Much better since generating
>> certs only depends on access to DNS and not your HTTP servers. Cert
>> generation is automatic (on a cron job that runs every night looking
>> for certs that are within 30 days of expiration). Once set up, it is
>> pretty much automatic. I do use Docker to deploy all services for my
>> website which also makes things pretty easy to manage.
>> 
>> Kevin
> 
> Hi Kevin,
> 
> what software do you use for DNS based verification? I read with the
> official certbot from LE it's not possible to do this fully automated.
> Currently I use the http based method, but would like to switch to DNS
> based.
> 
> Greetings
> Felix

I use the acme.sh script: https://github.com/Neilpang/acme.sh <https://github.com/Neilpang/acme.sh>

The author supports running this script automatically with the docker image neilpang/acme.sh.

Kevin



More information about the dovecot mailing list