This is a known issue, see https://github.com/lobsters/lobsters-ansible/issues/2
Question is why it’s taking this long to just generate a new cert with the extra SAN…
No one is paid to work on lobsters. If you know ansible and letsencrypt you should be able to help out.
Well I don’t really know how the current Lets Encrypt cert was generated, but it’s literally just another argument. Did ask about it when it came up on IRC 3 weeks ago, but didn’t get a reply then, and figured it would probably be fixed pretty quickly then so completely forgot about it.
It was manually created with certbot but, as noted in the bug, should probably be replaced with use of acmeclient to have much fewer moving parts, if nothing else.
It’d be great to have someone who knows the topic well to help the issue along in any capacity, if you have the spare attention.
I’ve done entirely too much work with acmeclient to automate certs for http://conj.io and some other properties I run. Will try and find time this weekend to take a run at this.
That or to use dehydrated: in a text file, one certificate per line, each domain separated by a space.
I’m learning how to build a Debian package so I can make installation of my open source church software easier for the non-nerdy. So far I’ve been pleasantly surprised – the process isn’t too bad actually. I’m hoping this will make it easier for people to install and keep upgraded without having to git pull and bundle install and rake db:migrate and all that. Wish me luck!
Are you trying to get it accepted into Debian? Making a Debian package isn’t so hard, but making one that passes Debian policy is a lot harder.
No I figured I’d host my own apt repo. Good to know!
Yeah, Debian is really anal about what it accepts as a package. Every file has to be in the right location, there must be documentation, license must be clearly stated, permissions must be right, install and uninstall scripts must work harmoniously with every other package in Debian…
It puts a lot of burden on the maintainers, but as an end user, I usually love the final packaged product. I would recommend trying to make it pass Lintian, or at least do run Lintian to see what it complains about and see if you don’t mind living with its complaints.
Thanks for the tips!