Open bsutton opened 9 months ago
When invoking LetsEncrypt.startSecureServer
with requestCertificate: true
and checkCertificate: true
, it triggers the acquisition of a new certificate if absent or expired. Refer to the documentation for more details. It's important to note that this process occurs solely during the server's startup.
(Indeed, there is a need for updating the documentation.)
Best regards.
So is there some path that would allow preemptive renewal.
I generally renew 10 days before.
It would be nice to use something like the dart Cron package to do regular checks.
On Fri, 8 Dec 2023, 4:58 pm Graciliano Monteiro Passos, < @.***> wrote:
When invoking LetsEncrypt.startSecureServer with requestCertificate: true and checkCertificate: true, it triggers the acquisition of a new certificate if absent or expired. Refer to the documentation https://pub.dev/documentation/shelf_letsencrypt/latest/shelf_letsencrypt/LetsEncrypt/startSecureServer.html for more details. It's important to note that this process occurs solely during the server's startup.
— Reply to this email directly, view it on GitHub https://github.com/gmpassos/shelf_letsencrypt/issues/5#issuecomment-1846589346, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAG32OFETP2HYOCPB56L2C3YIKUCFAVCNFSM6AAAAABAMEKHGOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNBWGU4DSMZUGY . You are receiving this because you authored the thread.Message ID: @.***>
You can call:
... with requestCertificate : true
And if it returns okRefreshed
, you need to close the Server
socket and re-open it.
I will have a look at it.
Thanks and thanks for the package.
On Fri, 8 Dec 2023, 6:02 pm Graciliano Monteiro Passos, < @.***> wrote:
You can call:
And if it okRefreshed, you need to close the Server socket and re-open it.
— Reply to this email directly, view it on GitHub https://github.com/gmpassos/shelf_letsencrypt/issues/5#issuecomment-1846657603, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAG32OBVOKQORKJZDNV5DXTYIK3O3AVCNFSM6AAAAABAMEKHGOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNBWGY2TONRQGM . You are receiving this because you authored the thread.Message ID: @.***>
Please, let me know if it works well.
Any contributions in the form of documentation or examples would be greatly appreciated.
Best regards
...
I'm not in love with a map of domains and emails being passed to startSecureServer.
I'm having to dig into the example to work out what is meant to be passed.
I assume its a map of domain names as the key to domainemails as the value.
A list that takes a small class would make this more obvious and less error prone.
I would be happy to offer up a PR with a change if its something that you would consider.
On Fri, Dec 8, 2023 at 7:30 PM Graciliano Monteiro Passos < @.***> wrote:
...
— Reply to this email directly, view it on GitHub https://github.com/gmpassos/shelf_letsencrypt/issues/5#issuecomment-1846762107, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAG32ODBWKKF4C4UI3KLCO3YILFZPAVCNFSM6AAAAABAMEKHGOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNBWG43DEMJQG4 . You are receiving this because you authored the thread.Message ID: @.***>
I will be happy to review a PR. Just make it backward compatible.
Maybe startSecureServer
(with the current parameters) should call your new function, with a better definition.
Missed the compatibility statement, will add another entry point.
On Fri, 8 Dec 2023, 8:09 pm Graciliano Monteiro Passos, < @.***> wrote:
I will be happy to review a PR. Just make it backward compatible.
Maybe startSecureServer (with the current parameters) should call your new function, with a better definition.
— Reply to this email directly, view it on GitHub https://github.com/gmpassos/shelf_letsencrypt/issues/5#issuecomment-1846820234, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAG32OAX6MIMQMKKKHCIKWTYILKNNAVCNFSM6AAAAABAMEKHGOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNBWHAZDAMRTGQ . You are receiving this because you authored the thread.Message ID: @.***>
For the moment I will leave this link here.
The handyman project demonstrates certificate renewal use a task scheduler that checks every hour if a cert needs to be renewed - renews the cert - and restarts the service with the new cert.
As per the title or do you need to manage that separately?