| Commit message (Collapse) | Author | Age | Files |
|
|
|
|
|
|
|
|
|
| |
versions.
OpenSSL 3.2 from Debian sid spews
Warning: Reading certificate from stdin since no -in or -new option is given
without an explicit `-in /dev/stdin`.
|
|
|
|
|
|
|
|
|
| |
Domain names are case insensitive so it shouldn't matter, but Let's
Encrypt (staging) ACME server fails with
400 Bad Request (Invalid identifiers requested :: Cannot issue for "YXJCTT7S6K2RQLVO.lacme-test.guilhem.org": Domain name contains an invalid character)
if the sub-domain part of the subjectName is left all-caps.
|
| |
|
|
|
|
|
|
|
|
| |
restrictions.
Also, always spawn the client with umask 0022 so a starting lacme(8)
with a restrictive umask doesn't impede serving challenge response
files.
|
|
|
|
|
|
|
|
|
| |
Otherwise we end up with files with mode 0644 owned by root:root, and
subsequent lacme(8) invocations will likely not renew them for a while.
This change also saves a chown(2) call. And the new logic (chown resp.
chmod from root:root resp. 0600) is safe if we ever include private key
material in there too.
|
|
|
|
| |
Due to unknown user/group name.
|
| |
|
| |
|
|
https://letsencrypt.org/docs/staging-environment/
|