Debian's solution to this is probably blocking on this upstream ticket:
https://github.com/certbot/certbot/issues/2964
--
Peter Eckersleyp...@eff.org
Chief Computer Scientist Tel +1 415 436 9333 x131
Electronic Frontier FoundationFax +1 415 436 9993
NS
to get certs for things like mail domains that you don't want Apache to
actually respond to.
(I'm including the -n non-interactive flag because it works around this UI
issue: https://github.com/certbot/certbot/issues/3869 )
--
Peter Eckersleyp...@eff.org
Chie
now created /etc/letsencrypt/cli.ini and removed my
> drop-in that modifies the systemd service. Thanks, this thread
> has already helped me make my setup saner. :)
>
> Regards,
> Christian
>
> [1] Probably should add openat,fstatat,faccessat to the list
> as wel
y do is
tell people, "please install a copy of Cerbot greater than X; you can go
to https://certbot.eff.org/ if you need advice on how to do that on your OS"
--
Peter Eckersleyp...@eff.org
Chief Computer Scientist Tel +1 415 436 9333 x131
E
encrypt-devel@lists.alioth.debian.org
> https://lists.alioth.debian.org/mailman/listinfo/letsencrypt-devel
>
--
Peter Eckersleyp...@eff.org
Chief Computer Scientist Tel +1 415 436 9333 x131
Electronic Frontier FoundationFax +1 415 436 9993
___
Christian. This policy removes what might have
been the simplest option, and seems to mean that we'll want to work hard on a
plan
where Certbot is in Stretch in a way that works both for us upstream and for
the Debian release team.
--
Peter Eckersleyp...@eff.org
Chief
from a service that's only been
online for a year.
--
Peter Eckersleyp...@eff.org
Chief Computer Scientist Tel +1 415 436 9333 x131
Electronic Frontier FoundationFax +1 415 436 9993
___
Letsencrypt-devel mailing li
of allowing other packages to
assume that Certbot is installable, or even Depend: on it, for enabling TLS.
--
Peter Eckersleyp...@eff.org
Chief Computer Scientist Tel +1 415 436 9333 x131
Electronic Frontier FoundationFax +1 415 436 9993
Probably the debian-packaged version of the python client should come with a
GID on /etc/letsencrypt/, /var/lib/letsencrypt and /var/log/letsencrypt
that allows any user to run it if they are a member of that group.
--
Peter Eckersleyp...@eff.org
Chief Computer