<div dir="auto"><div>Thank you Mikalai. I will take a look.<div dir="auto"><br></div><div dir="auto">Regards</div><div dir="auto">Yasin</div><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Feb 27, 2019, 4:44 PM Mikalai Birukou via kwlug-disc, <<a href="mailto:kwlug-disc@kwlug.org">kwlug-disc@kwlug.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<p>Take a look at a script create-haproxy-with-certbot.sh in
<a class="m_6538419109997065996moz-txt-link-freetext" href="https://kwlug.org/sites/default/files/2018-12/Mikalai-Modern_treasures_LXD-scripts-KWLUG-Dec2018.zip" target="_blank" rel="noreferrer">https://kwlug.org/sites/default/files/2018-12/Mikalai-Modern_treasures_LXD-scripts-KWLUG-Dec2018.zip</a>
(resource from KWLUG past talk).</p>
<p>Bash script sets certbot with for webroot option of serving acme
via haproxy (q1). In haproxy.cfg you add a respective backend for
.../acme... paths.</p>
<p>You run getting certs first time manually, and it will remember
what needs to be renewed, and how.</p>
<p>Script has post- and post-renewal hooks (q2). Pre-hook starts
nginx that handles actual acme get requests.</p>
<p>This works and does renewal in production. Yes, certbot set cron
jobs in ubuntu 18.</p>
<p>Cheers.<br>
</p>
<div class="m_6538419109997065996moz-cite-prefix">On 2019-02-27 2:34 p.m., Yas Adem
wrote:<br>
</div>
<blockquote type="cite">
<div dir="auto">
<div>Thanks for response Paul. Using letsencrypt.</div>
<div dir="auto"><br>
</div>
<div dir="auto">Regards</div>
<div dir="auto">Yasin<br>
<br>
<div class="gmail_quote" dir="auto">
<div dir="ltr" class="gmail_attr">On Wed, Feb 27, 2019, 2:18
PM Paul Nijjar via kwlug-disc, <<a href="mailto:kwlug-disc@kwlug.org" target="_blank" rel="noreferrer">kwlug-disc@kwlug.org</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
I do not have such experience, but just to clarify: is
this with Let's<br>
Encrypt, or are you using another certificate authority?<br>
<br>
- Paul<br>
<br>
On Wed, Feb 27, 2019 at 10:11:56AM -0500, Yas Adem wrote:<br>
> Hi Everyone,<br>
> <br>
> First time posting question in kwlug group. Wondering
if anyone have any<br>
> experience enabling automatic renewal of wildcard
certificate? Your help<br>
> much appreciated.<br>
> <br>
<br>
_______________________________________________<br>
kwlug-disc mailing list<br>
<a href="mailto:kwlug-disc@kwlug.org" rel="noreferrer noreferrer" target="_blank">kwlug-disc@kwlug.org</a><br>
<a href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org" rel="noreferrer noreferrer noreferrer" target="_blank">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br>
</blockquote>
</div>
</div>
</div>
<br>
<fieldset class="m_6538419109997065996mimeAttachmentHeader"></fieldset>
<pre class="m_6538419109997065996moz-quote-pre">_______________________________________________
kwlug-disc mailing list
<a class="m_6538419109997065996moz-txt-link-abbreviated" href="mailto:kwlug-disc@kwlug.org" target="_blank" rel="noreferrer">kwlug-disc@kwlug.org</a>
<a class="m_6538419109997065996moz-txt-link-freetext" href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org" target="_blank" rel="noreferrer">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a>
</pre>
</blockquote>
<div class="m_6538419109997065996moz-signature">-- <br>
Mikalai Birukou <br>
CEO | 3NSoft Inc.</div>
</div>
_______________________________________________<br>
kwlug-disc mailing list<br>
<a href="mailto:kwlug-disc@kwlug.org" target="_blank" rel="noreferrer">kwlug-disc@kwlug.org</a><br>
<a href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org" rel="noreferrer noreferrer" target="_blank">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br>
</blockquote></div></div></div>