After being unsure for a while of what to look for in the Certbot / Letsencrypt log that is pertinent, as in useful to look for under normal circumstances, I finally had a renewal fail and figured it out. The string “(failure)” will appear if a renewal fails, and will be on the same line as the name of the cert.
Continue reading post "Letsencrypt log failure string"I use Letsencrypt with certbot for the HTTPS certificates of my personal sites. I use the certonly method to allow full control over my server configuration. This means specifying one or more web-roots for each certificate.
My sites are now HTTPS-enabled with LetsEncrypt. It was easy to set up with Dreamhost’s panel. It was just a few clicks and some waiting. This is the first time my own sites have been available over HTTPS. I’ve been wanting to do it for a while, but it was kind of costly until the free LetsEncrypt became available. This brings my sites in line with the “HTTPS Everywhere” movement. I’ve also been wanting to play with the new installable apps forming standard for making web apps installable almost like native apps.
I had written a post before about how I’m setting my security-related headers. I’ve now added an HTTPS related header in a similar manner: Upgrade-Insecure-Requests and
Dreamhost now supports LetsEncrypt even with shared hosting. LetsEncrypt provides free SSL certificates. I’m going to have to try it out on my domains. My plan is to make my visitor targeted domains have https as the canonical protocol but still support http for older browsers.