]> git.openstreetmap.org Git - chef.git/blobdiff - cookbooks/letsencrypt/files/default/bin/renew
projects / chef.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Tell certbot to prefer the legacy "DST Root CA X3" chain
[chef.git] / cookbooks / letsencrypt / files / default / bin / renew
diff --git a/cookbooks/letsencrypt/files/default/bin/renew b/cookbooks/letsencrypt/files/default/bin/renew
index d5b7232bf84b1b27380e9b3bd1822502d803faf4..2b7e6b4a8278c77eaa9ddb7bef35141a90853e24 100755 (executable)
--- a/cookbooks/letsencrypt/files/default/bin/renew
+++ b/cookbooks/letsencrypt/files/default/bin/renew
@@ -1,8 +1,11 @@
 #!/bin/sh
 
+cd /srv/acme.openstreetmap.org
+
 /usr/bin/certbot renew \
     --quiet \
+    --preferred-chain "DST Root CA X3" \
     --config-dir /srv/acme.openstreetmap.org/config \
     --work-dir /srv/acme.openstreetmap.org/work \
     --logs-dir /srv/acme.openstreetmap.org/logs \
-    --renew-hook /srv/acme.openstreetmap.org/renew-hook
+    --renew-hook /srv/acme.openstreetmap.org/bin/renew-hook
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.