----------------------------------------
TLS on gopher update
March 14th, 2020
----------------------------------------
jan [0] is working on adding TLS support to his gopher client,
ncgopher [1]. I am running gopher over tls on cosmic.voyage via
port 7070 [2]. I went to check on it this morning and saw it was
giving me a cert error.

I'm using stunnel4 to handle the TLS stuff, and then configuring
a second copy of gophernicus to serve up the goods. The whole
process is outlined in an old phlog here [3].

What I failed to take into account is that letsencrypt updates my
keys routinely, but stunnel doesn't reload them. It's as easy to
fix as:

    $ sudo /etc/init.d/stunnel4 restart

Now I need to think about how to automate that when letsencrypt
does its business. Hmmm... ahha!

/lib/systemd/system/certbot.service:

    ExecStart=/usr/bin/certbot -q renew \
        --post-hook "/etc/init.d/stunnel4 restart"

[0] jan
[1] ncgopher user guide
[2] cosmic on tls
[3] gophernicus TLS howto
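
A check for the failure described above, where stunnel keeps serving the
certificate it loaded at startup after a renewal. This is an added example,
not part of the original post: the script name, its argument order and the
function names are assumptions, and the certificate path is whatever file
your stunnel config points at.

```python
"""Detect a TLS front end (e.g. stunnel) serving an older cert than the one on disk."""
import hashlib
import socket
import ssl
import sys

BEGIN = "-----BEGIN CERTIFICATE-----"
END = "-----END CERTIFICATE-----"


def pem_fingerprint(pem: str) -> str:
    """SHA-256 of the DER form of the first certificate in a PEM string."""
    # In a fullchain-style file the leaf comes first; ignore the rest.
    start = pem.index(BEGIN)
    stop = pem.index(END, start) + len(END)
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem[start:stop])).hexdigest()


def served_fingerprint(host: str, port: int, timeout: float = 10.0) -> str:
    """SHA-256 of the leaf certificate the server presents right now."""
    # Validation is off on purpose: an expired or otherwise rejected
    # certificate is exactly the one we need to read and compare.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return hashlib.sha256(tls.getpeercert(binary_form=True)).hexdigest()


def is_stale(served_fp: str, disk_pem: str) -> bool:
    """True when the served leaf is not the leaf currently on disk."""
    return served_fp != pem_fingerprint(disk_pem)


if __name__ == "__main__":
    if len(sys.argv) != 4:
        sys.exit("usage: stale_cert.py HOST PORT CERT_PEM_PATH")
    host, port, path = sys.argv[1], int(sys.argv[2]), sys.argv[3]
    with open(path) as fh:
        stale = is_stale(served_fingerprint(host, port), fh.read())
    print("STALE: restart the TLS front end" if stale else "ok: served cert matches disk")
    sys.exit(1 if stale else 0)
```

Run from cron or a monitoring check, a non-zero exit means the renewal
happened but the restart did not.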