Automatic renewal #26

Questão nova

fechada(s)

2018-12-06 15:00:58 +00:00 aberta(s) por Ghost · 3 comentários

Ghost comentou 2018-12-06 15:00:58 +00:00

Copiar ligação

Hi, well done 👍

How automatic renewal works? Does it kind of a cron job?

Or should I call the register method every month to ensure my certificates renewed?

Hi, well done :+1: How automatic renewal works? Does it kind of a cron job? Or should I call the `register` method every month to ensure my certificates renewed?

coolaj86 comentou 2018-12-06 17:12:10 +00:00

Proprietário(a)

Copiar ligação

Each certificate has an expiry time listed on the certificate which is cached and checked on each new tls session request.

When the certificate is less than 15 days from expiring, register is automatically called (with a random jitter to prevent simultaneous renewal on high-traffic sites).

There’s nothing that you have to do. :)

Each certificate has an expiry time listed on the certificate which is cached and checked on each new tls session request. When the certificate is less than 15 days from expiring, register is automatically called (with a random jitter to prevent simultaneous renewal on high-traffic sites). There’s nothing that you have to do. :)

Ghost comentou 2018-12-06 18:01:47 +00:00

Autor(a)

Copiar ligação

Thank you for your quick response.

So it means if there is no traffic for more than 90 days, they will be expired. Am I right?

And I don't use the default middleware. Instead, I've got my own SNICallback. I think in this use-case, the renewal process won't work.

Thank you for your quick response. So it means if there is no traffic for more than 90 days, they will be expired. Am I right? And I don't use the default middleware. Instead, I've got my own SNICallback. I think in this use-case, the renewal process won't work.

coolaj86 comentou 2018-12-06 23:45:37 +00:00

Proprietário(a)

Copiar ligação

That's correct. This was built assuming a public-facing webserver with daily traffic. However, if I recall correctly, it will wait until the certificate has renewed until responding to the request if the cert is expired.

What's your use case?

Dipping down into the SNICallback is certainly valid, but there may be a way to do what you need to do and still take advantage of the built-in niceties (maybe by calling greenlock's SNICallback after you do what you need to do).

That's correct. This was built assuming a public-facing webserver with daily traffic. However, if I recall correctly, it will wait until the certificate has renewed until responding to the request if the cert is expired. What's your use case? Dipping down into the SNICallback is certainly valid, but there may be a way to do what you need to do and still take advantage of the built-in niceties (maybe by calling greenlock's SNICallback after you do what you need to do).

coolaj86 encerrou esta questão 2019-02-05 05:14:07 +00:00

Inicie a sessão para participar neste diálogo.

Sem ramo ou etiqueta especificados

Ramos Etiquetas

master

github

next

v4

npm

v3

wip

dns-challenge-regression-fix

v2.4

v2.5

v2.3

v2

v2.2

acmev2

v2.1

greenlock

v1

node-letsencrypt-python

v4.0.5

v4.0.4

v4.0.3

v4.0.2

v4.0.1

v4.0.0

v3.1.5

v3.1.4

v3.1.3

v3.0.25

v3.0.24

v3.0.23

v3.0.21

v3.0.20

v3.0.19

v3.0.18

v3.0.17

v3.0.16

v3.0.15

v3.0.12

v3.0.11

v3.0.10

v3.0.9

v3.0.7

v3.0.6

v3.0.5

v3.0.4

v3.0.3

v3.0.2

v3.0.1

v2.8.8

v2.8.7

v2.8.6

v2.8.5

v2.8.4

v2.8.3

v2.8.2

v2.8.1

v2.8.0

v2.7.23

v2.7.22

v2.7.21

v2.7.20

v2.7.19

v2.7.18

v2.7.17

v2.7.16

v2.7.15

v2.7.14

v2.7.13

v2.7.12

v2.7.11

v2.7.10

v2.7.9

v2.7.8

v2.7.7

v2.7.6

v2.7.5

v2.7.4

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.10

v2.6.9

v2.6.8

v2.6.7

v2.6.6

v2.6.5

v2.6.4

v2.6.3

v2.6.2

v2.6.1

v2.6.0

v2.5.0

v2.4.10

v2.4.9

v2.4.8

v2.4.7

v2.4.2

v2.4.1

v2.4.0

v2.3.13

v2.3.12

v2.3.11

v2.3.10

v2.3.9

v2.3.8

v2.3.7

v2.3.6

v2.3.5

v2.3.4

v2.3.3

v2.3.2

v2.3.1

v2.3.0

v2.2.20

v2.2.19

v2.2.18

v2.2.17

v2.2.16

v2.2.15

v2.2.14

v2.2.13

v2.2.12

v2.2.11

v2.2.10

v2.2.8

v2.2.7

v2.2.6

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.0

v2.1.19

v2.1.18

v2.1.17

v2.1.16

v2.1.15

v2.1.14

v2.1.13

v2.1.12

v2.1.11

v2.1.10

v2.1.9

v2.1.7

v2.1.6

v2.1.5

v2.1.4

v2.1.3

v2.1.2

v2.1.1

v2.1.0

v1.5.8

v2.0.5

v2.0.4

v1.5.7

v1.5.6

v1.5.5

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v1.5.4

v1.5.3

v1.5.2

v1.5.1

v1.5.0

v1.4.4

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.3.0

v1.2.0

v1.1.0

v1.0.2

v1.0.0

v1.0.1

Rótulos

Sem itens

Sem rótulo

Etapa

Sem itens

Sem etapa

Encarregados

Retirar todos os encarregados

jshaver coolaj86

Sem encarregados

2 Participantes

Notificações

Subscrever

Data de vencimento

Sem data de vencimento definida.

Dependências

Não estão definidas dependências.

Referência: coolaj86/greenlock.js-ARCHIVED#26

Nenhuma descrição fornecida.