Comments (5)
Brawl345
commented on May 26, 2024
1
I'm running OpenResty 1.21.4.1 and using lua-resty-auto-ssl without problems. Shame that it seems unsupported though, better to migrate to something else.
from lua-resty-auto-ssl.
bryanus
commented on May 26, 2024
I'm currently running Openresty v1.15.8.2. Is anyone running a newer version without issues? Wondering if I should upgrade or not.
Their github repo seems to be outdated? Last release there is 1.15.8.3:
https://github.com/openresty/openresty/releases
from lua-resty-auto-ssl.
bryanus
commented on May 26, 2024
I'm running OpenResty 1.21.4.1 and using lua-resty-auto-ssl without problems. Shame that it seems unsupported though, better to migrate to something else.
I wonder how much time I (we) have before something breaks and certs stop issuing. I'm loath to set up another solution (Caddy seems to be the recommended route?). Have you moved on already?
from lua-resty-auto-ssl.
Brawl345
commented on May 26, 2024
Have you moved on already?
Yes, shortly after I posted this I switched to Caddy. I set OpenResty to another port, disabled TLS/moved every site to the HTTP port and everything that has to do with lua-resty-auto-ssl and in my Caddfile for every domain I first set up a reverse_proxy that points to OpenResty (need to use the OpenResty HTTP port!). Then I migrated one site after another. Took me a whole day but in the end it was worth it. Many configs are now just a few lines vs two whole server blocks.
from lua-resty-auto-ssl.
bryanus
commented on May 26, 2024
Yes, shortly after I posted this I switched to Caddy. I set OpenResty to another port, disabled TLS/moved every site to the HTTP port and everything that has to do with lua-resty-auto-ssl and in my Caddfile for every domain I first set up a reverse_proxy that points to OpenResty (need to use the OpenResty HTTP port!). Then I migrated one site after another. Took me a whole day but in the end it was worth it. Many configs are now just a few lines vs two whole server blocks.
Phew! Took me a bit of work over a few weeks, but I finally put my Caddy server into production today! I had to flip flop between my AutoSSL server and Caddy as to not hit the 300certs/3hr rate limit; I wasn't able to copy my old certs over as I didn't want to risk something breaking. Caddy seems to be doing great so far, and the certificate issuance is superfast in comparison. I probably spent the most time tweaking my Caddyfile as it was all new to me.
Edit: Perhaps I didnt need to be concerned with the rate limits. It seems that Caddy has its own internal rate limiter as to avoid hitting the LE rate limits:
ACME challenges take at least a few seconds, and internal rate limiting helps mitigate accidental abuse. Caddy uses internal rate limiting in addition to what you or the CA configure so that you can hand Caddy a platter with a million domain names and it will gradually -- but as fast as it can -- obtain certificates for all of them. Caddy's internal rate limit is currently 10 attempts per ACME account per 10 seconds. read more
from lua-resty-auto-ssl.
Related Issues (20)
- Is it possible to change the LE CA to a custom CA? HOT 1
- Working with a Third-Party ACME Provider and Request is Incorrect HOT 2
- How to pass username in auth option for redis.
- Does it support zerossl
- Certificates with multiple accounts HOT 1
- How to explicitly delete a domain/certificate? HOT 1
- Proxy Protocol v2 not supported
- How change allow_domains to file separate
- Security issue
- New Release? HOT 6
- Migrate letsencrypt certifcates on disk to lua-resty-open-ssl HOT 2
- Failing to use the 'has_certificate' method HOT 1
- Renewal fails with error: auto-ssl: failed to obtain lock: closed, context: ngx.timer
- Move Out Renewal Jobs to Another Server HOT 1
- Let's Encrypt response on renewal: Order's status ("valid") is not acceptable for finalization
- Update Dehydrated to 0.7.1+ to fix issuance with Let's Encrypt
- Cannot change the renewal interval
- Remove cached certificate HOT 1
- How To Clear Queued Renewal Work? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lua-resty-auto-ssl.