Mailing List CGatePro@mail.stalker.com Message #106589
From: Shaun Gamble listrdr@redco.com.au <CGatePro@mail.stalker.com>
Subject: Re: Lets Encrypt for CGP on WIndows
Date: Thu, 28 Sep 2017 14:16:47 +1000
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>

Thank you . I have Perl on this server so I will play around when it is time to renew.

I appreciate your help :-)


On 28/09/2017 12:06 PM, Nicolas Hatier nicolas.hatier@niversoft.com wrote:
Script is quite crude but works well for me:

https://pastebin.com/cN2ngVkG

Nicolas Hatier, ing. <nicolas.hatier@niversoft.com>
Niversoft idées logicielles - http://www.niversoft.com



On 2017-09-27 22:00, Nicolas Hatier nicolas.hatier@niversoft.com wrote:

I wrote a Perl script that uses CLI.pm to configure the new certificate automatically in CGP.

Nicolas Hatier, ing. <nicolas.hatier@niversoft.com>
Niversoft idées logicielles - http://www.niversoft.com



On 2017-09-27 20:56, Shaun Gamble listrdr@redco.com.au wrote:

Are you manually importing the certificate into CGP each time you renew or are you able to automate issuing the certificate to CGP each time you renew?


On 27/09/2017 4:18 AM, Nicolas Hatier nicolas.hatier@niversoft.com wrote:

I'm doing it with getssl, on windows with cygwin.

Using DNS testing, I had to write a script to update the DNS record at my DNS provider, and another one that update CGP certificates using CLI.pm

Took me about an hour to get it right, and now it's been running without issues for almost a year.

Setup on our linux servers was a lot easier since http testing could be used on those machines, and I simply reused the CGP script from the Windows installation.

Not "hard", but far from being plug and play.

Nicolas Hatier, ing. <nicolas.hatier@niversoft.com>
Niversoft idées logicielles - http://www.niversoft.com



On 2017-09-25 22:40, Shaun Gamble listrdr@redco.com.au wrote:
CGP 6.1.16

Windows 2012R2

Has anyone managed to set-up Lets Encrypt keys and certificates for CGP? I'm trying to move away from self signed certificates as it is now becoming too hard with FireFox refusing to create a permanent exception.

I am testing with the le64.exe client. Due to the inability to use http testing, I am trying to use DNS testing. It's driving me nuts as the main ISP in Australia still isn't using IPv6 and doesn't allow us to change CAA records.



-- 

Shaun
Fitzroy Island <http://www.fitzroyisland.com>
Destination Darwin NT <http://www.destinationnt.com>
MOM Backpackers <http://www.momdarwin.com>
Value Inn Hotel <http://www.valueinn.com.au>
Please do not send any unsolicited email. It is not wanted. 



-- 

Shaun
Fitzroy Island <http://www.fitzroyisland.com>
Destination Darwin NT <http://www.destinationnt.com>
MOM Backpackers <http://www.momdarwin.com>
Value Inn Hotel <http://www.valueinn.com.au>
Please do not send any unsolicited email. It is not wanted. 
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster