> On 25 Feb 2017, at 11:21, Hanno Böck <[email protected]> wrote: > > On Fri, 24 Feb 2017 19:53:30 +0100 > "L. Aaron Kaplan" <[email protected]> wrote: > >> FIXED & thx to maclemon! > > Is it fixed in the sense that you replaced it with a new (3 month) one > or have you implemented some kind of automation to renew it regularly? > > I think with LE it really doesn't make any sense to do it without > automation. Which is annoying in the beginning, but the right thing on > the long term.
Yes, I totally agree there. LE without the tooling (and their API) makes little to no sense. About acme.sh in a follow-up mail: why? The Python tools are pretty decent as is their code-base (since I work[ed] on parts and have been using Python extensively in the past for systems tooling, I think I can reasonably judge), they use well maintained libraries and are checked by a lot of people. Exploiting a bash script is an order of magnitude easier than any Python code. If you think the certbot code is bad - take a look at this mess: https://github.com/Neilpang/acme.sh/blob/master/acme.sh Even though I've seen far worse they do not make use of a lot of bashisms (which, for example, makes injection easier). A while ago I've written this - now community maintained - guide, if you're into bash check it out: https://github.com/azet/community_bash_style_guide Aaron
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Ach mailing list [email protected] http://lists.cert.at/cgi-bin/mailman/listinfo/ach
