Re: bug#46961: [PATCH v2 0/4] Make certbot play more nicely with nginx

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bug#46961: [PATCH v2 0/4] Make certbot play more nicely with nginx

From:	Felix Lechner
Subject:	Re: bug#46961: [PATCH v2 0/4] Make certbot play more nicely with nginx
Date:	Fri, 12 Apr 2024 18:17:33 -0700

Hi Clément,

On Tue, Jan 30 2024, Clément Lassieur wrote:

> Carlo's solution allows to have a working nginx even when certbot
> fails.

I just upgraded a server to the latest Guix version, which I think
includes a version of this patch.

To my surprise OpenSSL, which I saw in proced, generated a lot of
certificates in /etc/certs.  I am talking about pages and pages of
asterisk, plusses, and dots for a system with twenty or so certificates.
Is it possible that they were generated as a result of the patch?

It would be unfavorable to create such certificates when they are not
needed.  It reduces valuable server entropy.

Kind regards
Felix

[Prev in Thread]

Current Thread

[Next in Thread]

Re: bug#46961: [PATCH v2 0/4] Make certbot play more nicely with nginx, Felix Lechner <=
- Re: bug#46961: [PATCH v2 0/4] Make certbot play more nicely with nginx, Carlo Zancanaro, 2024/04/14
- Re: bug#46961: [PATCH v2 0/4] Make certbot play more nicely with nginx, Carlo Zancanaro, 2024/04/14
  - Re: bug#46961: [PATCH v2 0/4] Make certbot play more nicely with nginx, Felix Lechner, 2024/04/14

Prev by Date: Re: Guix extension to display derivation (and rewrite fixed-output)
Next by Date: Re: backdoor injection via release tarballs combined with binary artifacts (was Re: Backdoor in upstream xz-utils)
Previous by thread: Guix extension to display derivation (and rewrite fixed-output)
Next by thread: Re: bug#46961: [PATCH v2 0/4] Make certbot play more nicely with nginx
Index(es):
- Date
- Thread