LetsEncrypt, yomwe imapereka satifiketi yaulere ya SSL yachinsinsi, imakakamizika kuletsa satifiketi zina.
Vuto likugwirizana ndi
Kodi cholakwika ndi chiyani? Ngati pempho la satifiketi lili ndi madera a N omwe amafunikira kutsimikizika kwa CAA mobwerezabwereza, Boulder amasankha imodzi mwazo ndikuzitsimikizira nthawi za N. Zotsatira zake, zinali zotheka kutulutsa satifiketi ngakhale pambuyo pake (mpaka masiku X + 30) mutakhazikitsa mbiri ya CAA yomwe imaletsa kuperekedwa kwa satifiketi ya LetsEncrypt.
Kuti atsimikizire ziphaso, kampaniyo yakonzekera
Ogwiritsa ntchito apamwamba amatha kuchita zonse okha pogwiritsa ntchito malamulo awa:
# ΠΏΡΠΎΠ²Π΅ΡΠΊΠ° https
openssl s_client -connect example.com:443 -showcerts </dev/null 2>/dev/null | openssl x509 -text -noout | grep -A 1 Serial Number | tr -d :
# Π²Π°ΡΠΈΠ°Π½Ρ ΠΏΡΠΎΠ²Π΅ΡΠΊΠΈ ΠΎΡ @simpleadmin
echo | openssl s_client -connect example.com:443 |& openssl x509 -noout -serial
# ΠΏΡΠΎΠ²Π΅ΡΠΊΠ° ΠΏΠΎΡΡΠΎΠ²ΠΎΠ³ΠΎ ΡΠ΅ΡΠ²Π΅ΡΠ°, ΠΏΡΠΎΡΠΎΠΊΠΎΠ» SMTP
openssl s_client -connect example.com:25 -starttls smtp -showcerts </dev/null 2>/dev/null | openssl x509 -text -noout | grep -A 1 Serial Number | tr -d :
# ΠΏΡΠΎΠ²Π΅ΡΠΊΠ° ΠΏΠΎΡΡΠΎΠ²ΠΎΠ³ΠΎ ΡΠ΅ΡΠ²Π΅ΡΠ°, ΠΏΡΠΎΡΠΎΠΊΠΎΠ» SMTP
openssl s_client -connect example.com:587 -starttls smtp -showcerts </dev/null 2>/dev/null | openssl x509 -text -noout | grep -A 1 Serial Number | tr -d :
# ΠΏΡΠΎΠ²Π΅ΡΠΊΠ° ΠΏΠΎΡΡΠΎΠ²ΠΎΠ³ΠΎ ΡΠ΅ΡΠ²Π΅ΡΠ°, ΠΏΡΠΎΡΠΎΠΊΠΎΠ» IMAP
openssl s_client -connect example.com:143 -starttls imap -showcerts </dev/null 2>/dev/null | openssl x509 -text -noout | grep -A 1 Serial Number | tr -d :
# ΠΏΡΠΎΠ²Π΅ΡΠΊΠ° ΠΏΠΎΡΡΠΎΠ²ΠΎΠ³ΠΎ ΡΠ΅ΡΠ²Π΅ΡΠ°, ΠΏΡΠΎΡΠΎΠΊΠΎΠ» IMAP
openssl s_client -connect example.com:993 -showcerts </dev/null 2>/dev/null | openssl x509 -text -noout | grep -A 1 Serial Number | tr -d :
# Π² ΠΏΡΠΈΠ½ΡΠΈΠΏΠ΅ Π°Π½Π°Π»ΠΎΠ³ΠΈΡΠ½ΠΎ ΠΏΡΠΎΠ²Π΅ΡΡΡΡΡΡ ΠΈ Π΄ΡΡΠ³ΠΈΠ΅ ΡΠ΅ΡΠ²ΠΈΡΡ
Kenako muyenera kuyang'ana
Kuti musinthe satifiketi, mutha kugwiritsa ntchito certbot:
certbot renew --force-renewal
Vutoli lidapezeka pa February 29, 2020; kuti athetse vutoli, kuperekedwa kwa ziphaso kudayimitsidwa kuchokera pa 3:10 UTC mpaka 5:22 UTC. Malinga ndi kafukufuku wamkati, cholakwikacho chidachitika pa Julayi 25, 2019; kampaniyo ipereka lipoti latsatanetsatane pambuyo pake.
UPD: ntchito yotsimikizira satifiketi yapaintaneti siyingagwire ntchito kuchokera ku ma adilesi aku Russia a IP.
Source: www.habr.com