Stefans Weblog<p>Let's Encrypt stellt die @Benachrichtigung für ablaufende Zertifikate ein. <br>Ein wunderbarer Grund den ganzen Prozess für die eigenen Systeme mit acme.sh zu automatisieren.</p><p>Ein Beispiel: Für die eigene Nextcloud wird von Certbot auf acme.sh gewechselt.</p><p><a href="https://mastodon.social/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>letsencrypt</span></a> <a href="https://mastodon.social/tags/acmesh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>acmesh</span></a> <a href="https://mastodon.social/tags/nextcloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nextcloud</span></a> <a href="https://mastodon.social/tags/raspberrypi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>raspberrypi</span></a></p><p><a href="https://strobelstefan.de/blog/2025/03/27/nextcloud_und_acmesh_-_automatische_aktualisierung_von_lets_encrypt_zertifikaten.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">strobelstefan.de/blog/2025/03/</span><span class="invisible">27/nextcloud_und_acmesh_-_automatische_aktualisierung_von_lets_encrypt_zertifikaten.html</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
helvede.net is one of the many independent Mastodon servers you can use to participate in the fediverse.
Velkommen til Helvede, fediversets hotteste instance! Vi er en queerfeministisk server, der shitposter i den 9. cirkel.
Welcome to Hell, We’re a DK-based queerfeminist server.
Read our server rules!
Administered by:
Server stats:
157active users
helvede.net: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#acmesh
0 posts · 0 participants · 0 posts today
DrScriptt<p>I started a discussion with fellow <a href="https://oldbytes.space/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sysadmin</span></a> about updating <a href="https://oldbytes.space/tags/BIND" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BIND</span></a> / <a href="https://oldbytes.space/tags/named" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>named</span></a> config to migrate from the overly permissive allow-update {…} stanzas to the more restricted update-policy {…} stanzas using targeted grant statements.</p><p>The idea being to allow the <a href="https://oldbytes.space/tags/acme" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>acme</span></a> client to only be able to update (add / delete) _acme-challenge TXT instead of any record in the zone.</p><p>Old:</p><p>allow-update {<br> TSIG_KEY_NAME;<br>};</p><p>New:</p><p>update-policy {<br> grant TSIG_KEY_NAME name _acme-challenge.example.net TXT;<br>};</p><p><a href="https://oldbytes.space/tags/acmesh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>acmesh</span></a> <a href="https://oldbytes.space/tags/certbot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>certbot</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload