<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p>Take a look at a script create-haproxy-with-certbot.sh in
<a class="moz-txt-link-freetext" href="https://kwlug.org/sites/default/files/2018-12/Mikalai-Modern_treasures_LXD-scripts-KWLUG-Dec2018.zip">https://kwlug.org/sites/default/files/2018-12/Mikalai-Modern_treasures_LXD-scripts-KWLUG-Dec2018.zip</a>
      (resource from KWLUG past talk).</p>
    <p>Bash script sets certbot with for webroot option of serving acme
      via haproxy (q1). In haproxy.cfg you add a respective backend for
      .../acme... paths.</p>
    <p>You run getting certs first time manually, and it will remember
      what needs to be renewed, and how.</p>
    <p>Script has post- and post-renewal hooks (q2). Pre-hook starts
      nginx that handles actual acme get requests.</p>
    <p>This works and does renewal in production. Yes, certbot set cron
      jobs in ubuntu 18.</p>
    <p>Cheers.<br>
    </p>
    <div class="moz-cite-prefix">On 2019-02-27 2:34 p.m., Yas Adem
      wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:CAOVQ=yFgBADvU9UuQfpG8h6xoOfw2=41vtmPZfnPWEdAKecTeQ@mail.gmail.com">
      <meta http-equiv="content-type" content="text/html; charset=UTF-8">
      <div dir="auto">
        <div>Thanks for response Paul.  Using letsencrypt.</div>
        <div dir="auto"><br>
        </div>
        <div dir="auto">Regards</div>
        <div dir="auto">Yasin<br>
          <br>
          <div class="gmail_quote" dir="auto">
            <div dir="ltr" class="gmail_attr">On Wed, Feb 27, 2019, 2:18
              PM Paul Nijjar via kwlug-disc, <<a
                href="mailto:kwlug-disc@kwlug.org"
                moz-do-not-send="true">kwlug-disc@kwlug.org</a>>
              wrote:<br>
            </div>
            <blockquote class="gmail_quote" style="margin:0 0 0
              .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
              I do not have such experience, but just to clarify: is
              this with Let's<br>
              Encrypt, or are you using another certificate authority?<br>
              <br>
              - Paul<br>
              <br>
              On Wed, Feb 27, 2019 at 10:11:56AM -0500, Yas Adem wrote:<br>
              > Hi Everyone,<br>
              > <br>
              > First time posting question in kwlug group. Wondering
              if anyone have any<br>
              > experience enabling automatic renewal of wildcard
              certificate? Your help<br>
              > much appreciated.<br>
              > <br>
              <br>
              _______________________________________________<br>
              kwlug-disc mailing list<br>
              <a href="mailto:kwlug-disc@kwlug.org" target="_blank"
                rel="noreferrer" moz-do-not-send="true">kwlug-disc@kwlug.org</a><br>
              <a
                href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org"
                rel="noreferrer noreferrer" target="_blank"
                moz-do-not-send="true">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br>
            </blockquote>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <pre class="moz-quote-pre" wrap="">_______________________________________________
kwlug-disc mailing list
<a class="moz-txt-link-abbreviated" href="mailto:kwlug-disc@kwlug.org">kwlug-disc@kwlug.org</a>
<a class="moz-txt-link-freetext" href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a>
</pre>
    </blockquote>
    <div class="moz-signature">-- <br>
      Mikalai Birukou <br>
      CEO | 3NSoft Inc.</div>
  </body>
</html>