=> Re: "How many here use the same TLS certificate on their gemini..." | In: s/Gemini
for those using LE, are you copying your keys to the user running your server? I ask because after using certbot, the directory holding the LE certs is not viewable by a regular user on my machine.
=> ๐ gritty
2023-08-19 ยท 1 year ago
=> ๐ค alexlehm ยท 2023-08-19 at 17:36:
I copy the files with sudo and access them with the user the server is running under
=> ๐ญ Supernova [OP] ยท 2023-08-19 at 23:09:
@alexlehm Oh there is a runtime option, and I use docker certbot so I think I can use it this way:
docker compose run --rm certbot renew --reuse-key
I will see what happens next month upon renewal ๐
=> ๐ gyaradong ยท 2023-08-20 at 04:34:
I see the purpose as different. The point of minting a key is to have a centralised chain of trust. I think the key life times are for the CA to validate or audit the keys. CRLs are not always effective, so everything must have a lifetime.
In Gemini, it's TOFU so the utility of a lifetime and of minting are both limited and across purposes.
How many here use the same TLS certificate on their gemini server that they get for their web server? I found it not too hard to setup. I am surprised I don't see more gemini capsules doing the same.
=> ๐ฌ Supernova ยท 13 comments ยท 2023-08-19 ยท 1 year ago ยท #certificates This content has been proxied by September (3851b).Proxy Information
text/gemini; charset=utf-8