-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/08/2015 05:36 PM, James Hogarth wrote:
>
>
> On 8 December 2015 at 18:28, Reindl Harald <h.reindl@thelounge.net
I cannot speak for the entire Working Group, but I think that we> <mailto:h.reindl@thelounge.net>> wrote:
>
>
>
> Am 08.12.2015 um 19:17 schrieb James Hogarth:
>
> I've recently packaged the official letsencrypt client for rawhide
> (with comaintainers getting the F23 build out to bohdi today) and
> thought it sensible to reach out the there server working group
> about it.
>
> As you're all no doubt aware there is a big push for encrypting ask
> http on the public internet and it occurred to me further
> integration into the web server role might be desirable.
>
> Wanted to get your feedback before hacking on LE with bits
> interesting to me - for example I'm considering making use of
> systemd templates and a timer for automated certificate renewal and
> submitting the documentation and sample units upstream for that use
> case.
>
> Looking forward to getting your thoughts on this
>
>
> Hi
>
> may i suggest at least two subpackages for cases where it is *not*
> desired that something generic touchs configuration files and
> someone needs to write his own integration in existing
> infrastructure using the client per CLI?
>
>
>
> Well I wouldn't be intending to overwrite people's code/config
> willy nilly Reindl ...
>
> I'm thinking more along the lines of (assuming default
> configuration for letsencrypt):
>
> systemctl enable letsencrypt@www.example.com.service with a target
> being called by a timer to refresh all of these which executes
> something like letsencrypt -c /etc/letsencrypt/renewal/%i.conf
> --renew-by-default certonly ... the question of how to notify the
> webserver to trigger a reload would need to be answered of course
> but that's just an implementation question and this would, of
> course, be totally optional and up to the administrator.
>
> Anyway back to the core of the question ... would the Server
> Working Group find an integration question/problem/solution
> interesting for a Server Feature for Fedora Server 24 ?
>
certainly want to look into anything we can do to move Let's Encrypt
forward. I'm going to put this on the agenda for tomorrow's Server SIG
meeting (at 11am EST/1600 UTC)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iEYEARECAAYFAlZuxksACgkQeiVVYja6o6NozgCcDvISJNouZc6EOSgNjvhxpN9p
z50AnjXY8JmbV0gFyMVxF75gL/h2yWoS
=c4jP
-----END PGP SIGNATURE-----
_______________________________________________
server mailing list
server@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/server@lists.fedoraproject.org