Bernard Spil
Bernard Spil
Current implementation does not generate a new domainkey when a new certificate is requested. Proposed behaviour on renewal (both TTL < 30days and forced): 1. Rename domainkey (append seconds since...
- Add datadir option (separate app from data) - Add webroot option (for proxied setups) - Remove wget dependency - fetch supports RFC1738 Common Internet Scheme Syntax http://user:pass@host:port/path?querystring - appending...
Since migrating to OpenSSL 3.0 we are experiencing intermittent issues in TLS handshakes. Old env: Ubuntu 21.10 / Postfix 3.5.6 / OpenSSL 1.1.1l New env: Ubuntu 22.04 / Postfix 3.6.4...
In https://github.com/spacemonkeygo/openssl/blob/master/cert.go you're using SHA-0. This standard was never used as collisions were found prior to ratifying it as a standard, please remove it from the code. Context: OpenSSL 1.1...
After a migration to a new server, 2FA auth no longer works (returns to login screen). Using a recovery code works OK. In the "2-Factor Authentication" settings, there are some...
We're running into an error for domains where the [`ServerName` contains a `scheme://` prefix](https://httpd.apache.org/docs/2.4/mod/core.html#servername). For servers where there's an SSL off-load in front of the Apache server, you must add...
The Nextcloud application requires access to the Authorization header for device enrollment. Without forwarding the Authorization header to php-fpm from Apache, all device enrollment will fail with the auth flow...
As of pyOpenSSL 24.1.0, the PKCS12 class is no longer available. Replace it with comparable PKCS12 from the cryptography package when importing fails, work around the changes. See: https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst#2410-2024-03-09
The Github Pages site is gone, found some replacements that work.