Re: [Letsencrypt-devel] Certbot in Debian Stretch
On Wed, Nov 30, 2016 at 04:19:40PM +0100, Christian Seiler wrote:
> On 11/30/2016 02:33 PM, Virgo Pärna wrote:
> > On Fri, 25 Nov 2016 15:41:45 +0100, Christian Seiler <christian@iwakd.de> wrote:
> >>
> >> is not an issue (it works fine), but I had modified the cron job to
> >> pass --renew-hook and --post-hook to certbot. (As far as I can tell,
> >> there's no way of setting these in a configuration file.) The only
> >
> > I think that /etc/letsencrypt/cli.ini is supposed to work for it.
>
> As far as I am aware this is non-standard, and all examples with
> that file name I could find would do
>
> certbot --config /etc/letsencrypt/cli.ini
>
> However, certbot --help paths clearly states that --config has no
> default value, so by default certbot does not read that file, and
> strace confirms it. Actually, the only files read in by certbot
> in /etc/letsencrypt are /etc/letsencrypt/renewal/$certname.conf
> and /etc/letsencrypt/archive/$certname/cert$N.pem.
The help is wrong there; that's an instance of this bug:
https://github.com/certbot/certbot/issues/3734
https://bugs.python.org/issue28742
I'm adding the --config flag you noticed as another case of that bug. We'll
try to get a fix for that (which will probably require vendorng the argparse
library) included in upstream Certbot before Stretch freezes ;)
--
Peter Eckersley pde@eff.org
Chief Computer Scientist Tel +1 415 436 9333 x131
Electronic Frontier Foundation Fax +1 415 436 9993
Reply to: