source: letsencrypt.sh version: 0.2.0-4 severity: wishlist Upstream added in v0.3.0 multi-account support. Though in doing so it dropped support for ACCOUNT_KEY and ACCOUNT_KEY_JSON variables, in favour of some mess. See upstream commit 034ec30c7d3f098007ffee704b00cf2d3c9b78e9 https://anonscm.debian.org/git/letsencrypt/letsencrypt.sh.git/commit/?h=upstream/master&id=034ec30c7d3f098007ffee704b00cf2d3c9b78e9
I've yet to try it myself, but as I see it if users wants to keep their
account keys that are not set to the place where upstream would dream of
(${BASE_DIR}/private_key.pem), they need to move them themselves to the
final place.
Also doesn't help that:
* the path is kinda unobvious: (in bash format)
${ACCOUNTDIR:${BASEDIR}/accounts}/$(echo ${CA} | urlbase64}/
really, hashing $CA ?? Why I wonder… Besides, `urlbase64` doesn't
seem to be a thing in Debian (‽)
* the filenames changed too:
private_key.pem => account_key.pem
private_key.json => registration_info.json
and they are not configurable anymore
I know that the DSA (Debian System Administrators) use the ACCOUNT_KEY
setting for their letsencrypt.sh deployment¹, and where annoyed because
their usage was not covered in our upgrade path in the last "migration".
So, I'd love to see even a more nifty thing this time :)
¹
https://anonscm.debian.org/git/mirror/letsencrypt-domains.git/tree/config/letsencrypt-config
though atm it still uses the old PRIVATE_KEY there. I asked why,
considering that at update time I received rants over IRC for that…
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
more about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature
_______________________________________________ Letsencrypt-devel mailing list [email protected] https://lists.alioth.debian.org/mailman/listinfo/letsencrypt-devel
