> If nts in on the server line, any failure should be fatal.
If the "nts" is after the error, the parser won't see it. >> You can switch the log file from the command line. > I'd prefer a sane default. The default is syslog. I think most distros have some way to split the syslog stuff into various piles (files). > On that note, when NTS returns "pi3.rellim.com", how do I tell NTPD to use > the IPv4 or IPv6? That's what the -4 or -6 after "server" does. Works for NTS the same way it does for DNS. > Also, still broken for me when the fullchain.pem is in /tmp: No (easy/reasonable) way that I know of to fix that. The API I'm using works with root certs. > Well, I don't have one. Remember, LE has no "the root cert". Sure it does. It's already installed on your system so the normal case works. > Well, that is wrong. I want a cert in the chain of the server I'm trying to > NTS to. Specifically NOT a system root cert. Sorry. I don't see how to provide that. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
