You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The le-companion is renewing the Certificates when they are valid for less than 30 days.
This is currently achieved by simply not setting the --valid_min option of the simp_le client (i.e. using the default setting).
Even if this is documented in the Manifesto of simp_le (https://github.com/zenhack/simp_le), we are relying on a default value, about something we explicitly want to have. In others words it would make more sense to set this explicitly.
Actually we could add another environmental variable (e.g LETSENCRYPT_MIN_VALID), so that every user can customize this to their liking (of course with the according sanity checks, to prevent a min-validity larger that LE will give)
And also, as it currently stands, the auto renewal process is not even tested by the test units (only the default_cert unit tests the renewal of the default certificate).
Adding a variable would allow to "spoof" the validity check (by giving a higher min validity than the current certs have), in order to test the auto renewal feature.
If interested, I could make a PR for this (including new test unit for auto renewal test)
The text was updated successfully, but these errors were encountered:
And also, as it currently stands, the auto renewal process is not even tested by the test units (only the default_cert unit tests the renewal of the default certificate).
Adding a variable would allow to "spoof" the validity check (by giving a higher min validity than the current certs have), in order to test the auto renewal feature.
In fact this is already more or less what the force_renew script does, and this one is tested.
Anyway the feature seems sound to me, feel free to submit a PR 👍
The le-companion is renewing the Certificates when they are valid for less than 30 days.
This is currently achieved by simply not setting the
--valid_min
option of thesimp_le
client (i.e. using the default setting).Even if this is documented in the Manifesto of
simp_le
(https://github.com/zenhack/simp_le), we are relying on a default value, about something we explicitly want to have. In others words it would make more sense to set this explicitly.Actually we could add another environmental variable (e.g
LETSENCRYPT_MIN_VALID
), so that every user can customize this to their liking (of course with the according sanity checks, to prevent a min-validity larger that LE will give)And also, as it currently stands, the auto renewal process is not even tested by the test units (only the default_cert unit tests the renewal of the default certificate).
Adding a variable would allow to "spoof" the validity check (by giving a higher min validity than the current certs have), in order to test the auto renewal feature.
If interested, I could make a PR for this (including new test unit for auto renewal test)
The text was updated successfully, but these errors were encountered: