[Spce-user] New to SipWise CE. Trying to use Let's Encrypt

Trent Creekmore trent at lindows.org
Sat Mar 25 18:05:11 EDT 2023


Greetings again,

cat? Wouldn't a symbolic link be better?


  Looking at your renewal script, I do not see it concatenating the 
certificates again after a renewal occurs.

In addition the script is changing the ownership of the the 
/etc/letsencrypt folder as well, instructing me to change the 
permissions of it to 750.


Thanks!


Trent


On 3/25/23 04:36, Walter Klomp wrote:
> It’s probably easier to keep the default setttings in config.yml and 
> then cat the full chain.pem and priv  key.pem to the respective cert 
> and key in the ssl directory of ngcp-config. That’s safer. No need to 
> worry about rights etc.
>
> On Sat, 25 Mar 2023 at 12:49, Trent Creekmore <trent at lindows.org> wrote:
>
>     Thanks a lot Walter.
>
>     That worked out just great. I guess I will not start making
>     changes to the config.yml to point to the certficates, and set up
>     that nice script you provided for renewal.
>
>     Thank you again!
>
>     Trent
>
>     *From:* Walter Klomp <walter at myrepublic.net>
>     *Sent:* Friday, March 24, 2023 10:10 PM
>     *To:* Trent Creekmore <trent at lindows.org>
>     *Cc:* spce-user at lists.sipwise.com
>     *Subject:* Re: [Spce-user] New to SipWise CE. Trying to use Let's
>     Encrypt
>
>     Don’t open port 80. Just stop nginx and use certbot built in browser.
>
>     On Sat, 25 Mar 2023 at 06:06, Trent Creekmore <trent at lindows.org>
>     wrote:
>
>         Thanks for the script Walter, and it will be useful, but I am
>         still unsure about opening port 80.
>
>         Will config.yml accept Port '443' and Port '80'?
>
>         On 3/23/23 17:33, Trent Creekmore wrote:
>
>             I installed it about a month ago, and have been doing some
>             reading up on it in the documentation. I do wish there was
>             a “getting started quick” guide.
>
>             On to the issue at hand, Let’s Encrypt. Looking at the
>             history of this mailing list, I see it was mentioned maybe
>             2-3 times, but that was quite a few years ago. Those
>             threads were not helpful.
>
>             The issue is Let’s Encrypt needs port 80 to send requests
>             to, and I see nothing Is listening on port 80.
>
>             Digging on my own, I found out the Nginx config files are
>             read only, and I should instead be editing the
>             /etc/ngcp-config/config.yml file.
>
>             Looking in config.yml, I see http_csc which appears to be
>             the section which handles the client portal with port 443
>             set. Not being familiar with this config.yml, how is it
>             possible to have it both listen on ports 89 and 443?
>
>             Any other suggestions on correctly using Let’s Encrypt?
>
>             Thanks!
>
>             Trent
>
>         -- 
>         Spce-user mailing list
>         Spce-user at lists.sipwise.com
>         http://lists.sipwise.com/mailman/listinfo/spce-user_lists.sipwise.com
>
>     -- 
>
>     Email header
>
>
>     Company logo <https://scribe-mail.myrepublic.net/s2/5cp2v6ux>
>
>     	
>
>     *Walter Klomp *
>
>     Head of Voice Network
>
>
>     Phone
>
>     	
>
>     *+6568161120* <tel:+6568161120>
>
>     Phone
>
>     	
>
>     *walter at myrepublic.net* <mailto:walter at myrepublic.net>
>
>
>     Beyond Work: VR Sim Racing, F1, Travel
>
>
>     11 Lorong 3 Toa Payoh, #04
>     <https://www.google.com/maps/search/11+Lorong+3+Toa+Payoh,+%2304?entry=gmail&source=g>-11/15,
>     Jackson Square, Block B, Singapore 319579
>
>     *www.myrepublic.net* <https://scribe-mail.myrepublic.net/s2/tidact0m>
>
>     facebook-f <https://scribe-mail.myrepublic.net/s2/xx0nq9qs>
>
>     	
>
>     instagram <https://scribe-mail.myrepublic.net/s2/jrh0tzt9>
>
>     	
>
>     twitter <https://scribe-mail.myrepublic.net/s2/jo8r4exb>
>
>     	
>
>     linkedin-in <https://scribe-mail.myrepublic.net/s2/37lmu5mw>
>
>
>
>     The information in this message is privileged and confidential. If
>     you are not the intended recipient of this email, please don't
>     read, copy, use, distribute or tell anyone about it; kindly
>     destroy it and notify the sender by return email. Please advise
>     immediately if you or your employer does not consent to email for
>     messages of this kind. Any content that is not concerned with
>     MyRepublic business reflects the views of the sender only and not
>     those of MyRepublic.
>
>
>
>     /The contents of this email and any attachments are confidential
>     and may also be privileged. You must not disseminate the contents
>     of this email and any attachments without permission of the
>     sender. If you have received this email by mistake, please delete
>     all copies and inform the sender immediately. You may refer to our
>     company's Privacy Policy here
>     <https://myrepublic.net/sg/legal/terms-of-use-policies/privacy-policy/>./
>
>     -- 
>     Spce-user mailing list
>     Spce-user at lists.sipwise.com
>     http://lists.sipwise.com/mailman/listinfo/spce-user_lists.sipwise.com
>
> -- 
> Email header
>
> Company logo <https://scribe-mail.myrepublic.net/s2/5cp2v6ux> 	
> Walter Klomp
> Head of Voice Network
>
> Phone 	*+6568161120* <tel:+6568161120>
> Phone 	*walter at myrepublic.net* <mailto:walter at myrepublic.net>
>
>
> Beyond Work: VR Sim Racing, F1, Travel
>
> 11 Lorong 3 Toa Payoh, #04-11/15, Jackson Square, Block B, Singapore 
> 319579
> *www.myrepublic.net* <https://scribe-mail.myrepublic.net/s2/tidact0m>
> *facebook-f * <https://scribe-mail.myrepublic.net/s2/xx0nq9qs> 
> *instagram * <https://scribe-mail.myrepublic.net/s2/jrh0tzt9> 
> *twitter * <https://scribe-mail.myrepublic.net/s2/jo8r4exb> 
> *linkedin-in * <https://scribe-mail.myrepublic.net/s2/37lmu5mw>
>
>
>
> The information in this message is privileged and confidential. If you 
> are not the intended recipient of this email, please don't read, copy, 
> use, distribute or tell anyone about it; kindly destroy it and notify 
> the sender by return email. Please advise immediately if you or your 
> employer does not consent to email for messages of this kind. Any 
> content that is not concerned with MyRepublic business reflects the 
> views of the sender only and not those of MyRepublic.
>
>
>
> The contents of this email and any attachments are confidential and 
> may also be privileged. You must not disseminate the contents of this 
> email and any attachments without permission of the sender. If you 
> have received this email by mistake, please delete all copies and 
> inform the sender immediately. You may refer to our company's Privacy 
> Policy here 
> <https://myrepublic.net/sg/legal/terms-of-use-policies/privacy-policy/>. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20230325/cde79db0/attachment-0001.html>


More information about the Spce-user mailing list