New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix certbot staging certificate generation #236
Fix certbot staging certificate generation #236
Conversation
@frafra, many thanks for this PR I think that a better foreseeing fix might be try to remove --staging in staging and the whole --server option for both prod and staging and use --dry-run option in certbot for staging certificates. This way we will not depend anymore on ACME host names changes (see https://letsencrypt.org/docs/staging-environment/) |
@lpasquali Ok! I would then suggest renaming "STAGING" to "DRYRUN" to avoid confusion (as different certificates will be served over HTTPS). |
well it is still staging stating at the current doc I pasted, the option |
-- https://certbot.eff.org/docs/using.html?highlight=--dry-run#certbot-command-line-options It is my understanding that a GeoNode instance with set to "STAGING" will not get SSL certificates at all then, so it would rely on local self-signed certificates if available. That would break many browsers, probably. |
@frafra I beg your pardon, I wanted to mean "--test-cert" (--staging is left for backward compatibility) , "--dry-run" is not to be used in our case. |
Ok! Great then :) |
@lpasquali if it's ok with you we can merge then |
changes approved @afabiani |
Use --test-cert instead of --staging and --server (cherry picked from commit 64d403c)
Use --test-cert instead of --staging and --server (cherry picked from commit 64d403c)
Fix #203.