Anybody using security/acme.sh might want to upgrade: security/acme.sh runs arbitrary commands from a remote server!
If you're using HiCA, you surely want to revoke & renew your certs (with a more trustworthy CA).
See this GitHub issue: https://github.com/acmesh-official/acme.sh/issues/4659
Hello everyone,
Is it possible to restart www/apache24 from crontab after successfully renewing letsencrypt certs with security/acme.sh?
This is what I have now (run each night 03:00):
* 3 * * * /usr/local/sbin/acme.sh --cron >> /var/log/acme.cron.log
Thank you,
Hi fellow enthusiasts,
I wrote a short article on securing a FreeBSD 12 web server with nginx, php-fpm and mysql 8 by focusing on website isolation. Specifically, the goal was to create different php-fpm pools for each nginx virtual server, with them sharing a unique socket for each website. In...
I recently moved to a new server. After installing security/acme.sh and moving all the config files over, acme.sh no longer reads it's configuration file when issuing commands.
I've moved everything (config/certs) to the proper location (/var/db/acme/).
This no longer works, and used to before...
Note: this post is amended because the updated port security/acme.sh is now using its own convention home directory /var/db/acme with dedicated user/group acme:acme
The idea is to limit the use of elevated privileges as much as possible.
================
- What is this about?
security/acme.sh...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
