|
Nearly lost but got there
⬜⬜🟩⬜🟩
⬜⬜🟩⬜🟩
🟩⬜🟩⬜🟩
🟩⬜🟩🟨🟩
🟩🟩🟩🟩🟩
Life should not be a journey to the grave with the intention of arriving safely in a pretty and well-preserved body, but rather to skid in broadside in a cloud of smoke, thoroughly used up, totally worn out, and loudly proclaiming “Wow! What a Ride!" - Hunter S Thompson - RIP
|
|
|
|
|
Wordle 383 4/6
🟨🟨⬛⬛⬛
⬛🟨⬛🟨🟩
🟨⬛⬛⬛⬛
🟩🟩🟩🟩🟩
Luckily I am reading a lot of novels lately and this word is quite common
GCS/GE d--(d) s-/+ a C+++ U+++ P-- L+@ E-- W+++ N+ o+ K- w+++ O? M-- V? PS+ PE Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
|
|
|
|
|
Wordle 383 4/6
🟩⬜⬜⬜⬜
🟩⬜🟨🟨⬜
🟩🟩🟨⬜⬜
🟩🟩🟩🟩🟩
just a lucky random word
|
|
|
|
|
Wordle 383 3/6*
🟨⬜🟨⬜⬜
🟨🟨🟨🟨⬜
🟩🟩🟩🟩🟩
Happiness will never come to those who fail to appreciate what they already have. -Anon
|
|
|
|
|
Wordle 383 4/6*
⬜⬜🟨🟨⬜
🟨⬜🟩⬜🟩
⬜⬜🟩🟩🟩
🟩🟩🟩🟩🟩
|
|
|
|
|
Wordle 383 4/6
⬛⬛🟩⬛🟩
🟨⬛🟩⬛🟩
🟩🟨🟩⬛🟩
🟩🟩🟩🟩🟩
|
|
|
|
|
Strange word today!
Wordle 383 4/6
🟩⬛⬛⬛🟩
🟩🟩⬛⬛🟩
🟩🟩⬛⬛🟩
🟩🟩🟩🟩🟩
Get me coffee and no one gets hurt!
|
|
|
|
|
Wordle 383 4/6
⬛⬛⬛⬛⬛
⬛⬛🟩⬛🟩
⬛⬛🟩⬛🟩
🟩🟩🟩🟩🟩
|
|
|
|
|
trying to renew my cert should have taken 3 lines
sudo systemctl stop nginx
sudo certbot renew
sudo systemctl start nginx
Instead, the thing refused to stop and took over an hour to troubleshoot.
And this is basically par for the course with these systems.
Particularly linux distros. I'm so over it.
I want to like open source, but sometimes it seems rickety.
Also, why the heck do we need to encrypt all web traffic these days?
Certs are a hassle I'd rather not have to deal with ever 90 days.
Sorry guys. Just venting over here. Maybe some of you know why waving a dead chicken over linux never works, but I don't.
To err is human. Fortune favors the monsters.
|
|
|
|
|
The 90 day renewal is what LetsEncrypt uses for free certificates. You can purchase a certificate that last up to two years. There are multiple reasons certificates expire, from ensuring it doesn't get used by someone else after your site is gone to ensuring the certificate itself is resistant to brute force decryption attacks.
|
|
|
|
|
One small correction - browsers don't accept certificates that are valid longer than 1 year.
|
|
|
|
|
I'm using letsencrypt/certbot with Apache 2.4.x on Ubuntu 20.04LTS. 3 sites, 1 cert to cover them all.
Initial signup Aug 2021, answered the script's questions and away it went.
Had to do some minor tweaks to the site configs it wrote for the :443 sites, mainly for some of my custom logging.
Since then, about every 2 months, it (I think the certbot snap) pops up, installs a new cert and does a graceful restart of apache httpd.
So undramatic I don't even notice. To write this I had to peek into /etc/letsencrypt/archive/ to find out when it did the renewals.
Obviously a case of ymmv (or apache vs nginx setup?)
Cheers,
Peter
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
|
|
|
|
|
honey the codewitch wrote: Certs are a hassle I'd rather not have to deal with ever 90 days.
I've got one 'bought' SSL cert (2 yrs) and two letsencrypt ssl certs. The letsencrypt certs on my windows servers are good for 90 days and are managed automatically by an app/service called certifytheweb. It was a bit tricky getting it working the first time, but since then I haven't had to worry about them for over 2 years now.
I'm running a mail server on one of those and recently (2 weeks ago) finally figured out how to export the public/private keys that are required for hMailServer. Now I've just got to learn enough powershell to automate the process!
"Go forth into the source" - Neal Morse
"Hope is contagious"
|
|
|
|
|
I did the let's encrypt thing for a season and found it fiddly. I prefer to have to renew once a year so I went and got a real wildcard as they are pretty cheap today.
|
|
|
|
|
I tried other stuff to have IIS/Windows autorenew (wildcard) - but not CertifyTheWeb - I will try it out and if it works I am going to owe you a beer.
If not I will just keep on drinking myself
|
|
|
|
|
IIRC, the trick in IIS was app pool permissions on the .well-known/acme-challenge folder. Good luck!
"Go forth into the source" - Neal Morse
"Hope is contagious"
|
|
|
|
|
Why are certs required? Who's the sheriff?
"A little time, a little trouble, your better day"
Badfinger
|
|
|
|
|
your browser will default to https these days. sites pretty much have to support SSL.
To err is human. Fortune favors the monsters.
|
|
|
|
|
So certs are the badge of a secure website and the right to claim "https".
That relationship is not obvious. Thanx.
"A little time, a little trouble, your better day"
Badfinger
|
|
|
|
|
A bit more than that. The https protocol is not just a "label", it's an actual protocol, and the handshaking involves the sharing of the certificate with the requester. So the cert is an integral part of the SSL protocol. No cert, HTTPS doesn't even begin to work.
|
|
|
|
|
Not sure which browser you're using but Edge, Chrome (unless it was in the update this week), and Firefox don't default to SSL. They do check for a certificate first and then warn you if you're going to an https URL and there's no certificate.
|
|
|
|
|
the heck it doesn't. It wants to do it unless i explicitly type http:// in the address bar. I always have to fiddle with that when i'm calling web stuff off an esp32 which doesn't do ssl
To err is human. Fortune favors the monsters.
|
|
|
|
|
You need to go into Options and uncheck the "Screw up randomly" box.
Or use sudo scrwuprnd off
|
|
|
|
|
honey the codewitch wrote: Maybe some of you know why waving a dead chicken over linux never works, but I don't.
Windows is a proprietary O/S, so waving proprietary dead chickens over it works. Linux is an open-source O/S; you need to open-source your dead chickens.
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
...also, which dead chicken you use is dependent on your distro. When in doubt, you may have to try all 500+ of them... but try them quickly. The longer you wait, the more seem to hatch!
|
|
|
|