I had the problem, that when renewing the Letsencrypt certificate via cronjob Amazon Linux 2
certbot renew --post-hook "systemctl reload httpd" >> /var/log/certbot.log 2>&1
the SSL certificate was not renewed, but following error occurred:
Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',)
Attempting to renew cert (foo.de) from /etc/letsencrypt/renewal/foo.conf produced an unexpected error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',). Skipping.
I then looked in configuration: /etc/letsencrypt/renewal/foo.conf and the Authentificator modified on Apache and the challenge of Authentificator on HTTP (through the Web server).
# Options used in the renewal process
account = xxx
server = https://acme-v02.api.letsencrypt.org/directory
authenticator = apache
installer = apache
pref_challs = http-01,
After that was the important Port 80 unlock the security group for authentication and another command
was the certificate was successfully renewed.
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for foo.de
Waiting for verification...
Cleaning up challenges
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
new certificate deployed with reload of apache server; fullchain is
Under Windows, scripts can be, that's endless run with PHP using a service implemented.
This has the advantage of, that is the memory consumption with the time to infinity, with endless script versions and a recovery and restart functionality can be implemented, to keep the service over long periods of time running.
Furthermore, the service receives from the operating system events, if e.g.. a shutdown is, to be able to stop in time itself and not corrupt data to produce cancellation in a non-atomic operation.
To create a Windows service, you need the win32service PHP library.
You can here them Download and in the php.ini embed:
Create service more…
For recurring PHP jobs can the operating system scheduler use, is cron under Linux and Windows tasks.
To a PHP script to start C:\foobar. php using the Task Scheduler every minute can you see Windows 10 and including as follows new challenges apply.
Under control panel -.> Task Scheduler new tasks can be managed:
Control Panel-> Task Scheduler
To enlarge the disk of an EC2 instance must you increase the volume first via the console and then run normally on the instance of following commands (AWS documentation):
sudo growpart /dev/xvda 1
sudo yum install xfsprogs
sudo xfs_growfs -d /
grep -A4 --include \*pattern\*.xml searchText *
To the user traffic in proftp log to a MySQL database, you only need the user table a column “traffic” Add type BIGINT, Default 0:
ALTER TABLE `ftpuser` ADD COLUMN `traffic` BIGINT NOT NULL DEFAULT '0';
Then you can use a SQLNamedQuery kan in the sql.conf, to cut with the amount of traffic:
SQLLog RETR,STOR,APPE extendedlog
SQLNamedQuery extendedlog UPDATE "traffic= (traffic + %b) WHERE userid='%u'" ftpuser
Attention, Use leads to increased traffic to the database.
To send Amazon SES email, need to verify only the email address. This is a problem, If one has access to the domain, but has set up a mail server.
To work around the problem, one only verifies the domain in SES and is then under Configure email receiving a to verifierende E-Mail address and connects them with a SNS topic. After that you can Subscription set up on the SNS topic via email and so the verification email can be forward on an existing mailbox.
To the IIS 7.5 all HTTP verbs like PUT, POST, DELETE and PATCH to enable, need to disable the following modules and handlers in the web.config:
<?xml version="1.0" encoding="UTF-8"?>
<remove name="WebDAVModule" />
<remove name="WebDAV" />
<remove name="OPTIONSVerbHandler" />
<remove name="TRACEVerbHandler" />
To create a certificate for IIS under IIS, should you create a SSL certificate with openssl (comes with GIT in C:\Program FilesGitusrbin).
With the two commands, you can create a .pfx file, also see chrome 60 He runs on option chrome://flags/#allow-insecure-localhost.
openssl req -newkey rsa:2048 -x509 -nodes -keyout server.key -new -out server.crt -subj /CN=localhost -reqexts SAN -extensions SAN -config openssl.cnf -sha256 -days 36500
openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt
You need a configuration file OpenSSL.cnf: more…