How to address Let's Encrypt renew failure?

recently certificate for this site somehow got expired. It should got auto renewed. Since I added schedule event manually via crontab, Ghost cli also added one cron event while you run `ghost setup ssl`. I checked via `crontab -e`: 1 1 1 * * /home/errong_leng/.acme.sh/acme.sh --issue --home /etc/letsencrypt --domain errong.win --webroot /home/errong_leng/www/blog/system/nginx-root --reloadcmd "nginx -s reload" --accountemail errong.leng@gmail.com --force 2 2 2 * * /home/errong_leng/.acme.sh/ac

Post, Code and Quiet Time. How to address Let's Encrypt renew failure? By Errong Leng – 04 Apr 2023 – View online → Photo by Marek Piwnicki / Unsplash recently certificate for this site somehow got expired. It should got auto renewed. Since I added schedule event manually via crontab, Ghost cli also added one cron event while you run `ghost setup ssl`. I checked via `crontab -e`: 1 1 1 * * /home/errong_leng/.acme.sh/acme.sh --issue --home /etc/letsencrypt --domain errong.win --webroot /home/errong_leng/www/blog/system/nginx-root --reloadcmd "nginx -s reload" --accountemail errong.leng@gmail.com --force 2 2 2 * * /home/errong_leng/.acme.sh/acme.sh --issue --home /etc/letsencrypt --domain coca.errong.win --webroot /home/errong_leng/www/coca --reloadcmd "nginx -s reload" --accountemail errong.leng@gmail.com --force 53 0 * * * "/etc/letsencrypt"/acme.sh --cron --home "/etc/letsencrypt" > /dev/null Then I tried manually run /etc/letsencrypt/acme.sh --home /etc/letsencrypt/ --cron, it did not work due to .well-know/acme-challenge/xxx 404 not found. Acme.sh basic working practice it takes 7 steps: generate new intermediate CA certificate generate /.well-known/acem-challenge/xxx to your server root renew via acme Le API, submit intermediate order to CA verifying the new cert by hitting http://{yourdomain}/.well-known/acem-challenge/xxx path Lets Encrypt finalize the cert once verification pass download the new cert issued by Lets Encrypt CA restart your server For my case, it failed at step 4. My site uses nginx and .well-known path has been allow all in its conf. location ~ /.well-known { allow all; } Then check the /etc/letsencrypt/acme.sh.log, I found the root cause. Let's Encrypt acme.sh was still using the old root path /home/errong_leng/blog/system/nginx-root. In fact, I moved it to /home/errong.leng/blog/system/nginx-root since January. [Tue Apr 4 17:14:52 UTC 2023] _currentRoot='/home/errong_leng/blog/system/nginx-root' [Tue Apr 4 17:14:52 UTC 2023] wellknown_path='/home/errong_leng/blog/system/nginx-root/.well-known/acme-challenge' [Tue Apr 4 17:14:52 UTC 2023] writing token:M5Hp4j3ELNj9t2x76zEF-bOMZzE4ZIVFLHTdm_T3Y5U to /home/errong_leng/blog/system/nginx-root/.well-known/acme-challenge/M5Hp4j3ELNj9t2x76zEF-bOMZzE4ZIVFLHTdm_T3Y5U [Tue Apr 4 17:14:52 UTC 2023] Changing owner/group of .well-known to root:root Where does Let's Encrypt acme.sh read the root path for your server? I thought acme.sh would read the root directive from nginx configuration. below is the nginx ssl conf for my website. No, Let's Encrypt has its own configuration for your domain. I finally figure it out by checking '/etc/letencrypt' home directory. "Le_Webroot" defines the server root for your domain. There was a typo error, so I fixed it and renew again, finally the cert got renewed successfully. I believe I don't need to work about certs ever more. Failed Validation Limit by the way, You should receive the following error message from your ACME client when you’ve exceeded the Failed Validation limit: too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/ All issuance requests are subject to a Failed Validation limit of 5 failures per account, per hostname, per hour. To avoid reach failures rate, you can using let's encrypt's staging api to verify your SSL configuration before you set up for prod. In a word, add extra parameter to the acme.sh, --staging --test Failed Validation Limit Description All issuance requests are subject to a Failed Validation limit of 5 failures per account, per hostname, per hour. You should receive the following error message from your ACME client when you’ve exceeded the Failed Validation limit:too many failed authorizations recently: see https://le… Let's Encrypt Knowledge base: Ghost SSL setup The CLI generates a free SSL certificate from Let’s Encrypt using acme.sh and a secondary NGINX config file to serve https traffic via port 443. SSL configuration After a successful ssl setup, you can find your ssl certificate in /etc/letsencrypt. SSL for additional domains You may wish to have multiple domains that redirect to your site, e.g. to have an extra TLD or to support www. domains. Ghost itself can only ever have one domain pointed at it. This is intentional for SEO purposes, however you can always redirect extra domains to your Ghost install using nginx. If you want to redirect an HTTPS domain, you must have a certificate for it. If you want to use Ghost-CLI to generate an extra SSL setup, follow this guide: Post, Code and Quiet Time. © 2023 – Unsubscribe

2023 March Adsense Report

RPM CA$0.31 presenting 583 times. income increase CA0.06$ Only 8 posts published errong.win still wait for reviewing Summary March always has Spring Break for kids. Kids were having fun, they learned swimming, skating and had a tour to sea to sky gondola. The whole family slept late during that period. So not that productivity in March. April, fighting!!!

Post, Code and Quiet Time. 2023 March Adsense Report By Errong Leng – 04 Apr 2023 – View online → Photo by Daniel Seßler / Unsplash RPM CA$0.31 presenting 583 times. income increase CA0.06$ Only 8 posts published errong.win still wait for reviewing Summary March always has Spring Break for kids. Kids were having fun, they learned swimming, skating and had a tour to sea to sky gondola. The whole family slept late during that period. So not that productivity in March. April, fighting!!! Post, Code and Quiet Time. © 2023 – Unsubscribe

How to pass properties from native(Android) to React Native?

You can pass properties down to the React Native app by providing a custom implementation of ReactActivityDelegate in your main activity. This implementation should override getLaunchOptions to return a Bundle with the desired properties. The key part is a custom implementation of ReactActivityDelegate I always like to show you code first before dive deep the implementation. ReactRootView The guide says how to set app properties via a react root view, but it didn't mention how you can get i

Post, Code and Quiet Time. How to pass properties from native(Android) to React Native? By Errong Leng – 25 Mar 2023 – View online → Photo by James Wheeler / Unsplash You can pass properties down to the React Native app by providing a custom implementation of ReactActivityDelegate in your main activity. This implementation should override getLaunchOptions to return a Bundle with the desired properties. The key part is a custom implementation of ReactActivityDelegate I always like to show you code first before dive deep the implementation. ReactRootView The guide says how to set app properties via a react root view, but it didn't mention how you can get it. mReactRootView.setAppProperties(updatedProps); I fulfilled that part in my custom react activity delegate snippets: ReactRootView::setAppProperties ReactRootView provides a read-write property appProperties. After appProperties is set, the React Native app is re-rendered with new properties. The update is only performed when the new updated properties differ from the previous ones. I used it in my custom LaunchAppAdManager.java and update the app properties in the Ads status callback. React Native App.tsx based on the launch ads state, React app decides show Home component or Interstitial(I used a full screen gif as the loading spinner). Demo Video Communication between native and React Native · React Native In Integrating with Existing Apps guide and Native UI Components guide we learn how to embed React Native in a native component and vice versa. When we mix native and React Native components, we’ll eventually find a need to communicate between these two worlds. Some ways to achieve that have been al… React Native Post, Code and Quiet Time. © 2023 – Unsubscribe

App launch ads implementation guide for your React Native (Android app)

You might follow the app open implementation guide to integrate the SDK. This guide is intended for publishers integrating app open ads using the Google Mobile Ads Android SDK. App open ads can be closed at any time, and are designed to be shown when your users bring your app to the foreground. As you observed, the app open ads is not shown when your app first got lunched. Assuming your react native app might take some time to show up, you might think of showing a loading spinner to the users

Post, Code and Quiet Time. App launch ads implementation guide for your React Native (Android app) By Errong Leng – 25 Mar 2023 – View online → Photo by Mona / Unsplash You might follow the app open implementation guide to integrate the SDK. This guide is intended for publishers integrating app open ads using the Google Mobile Ads Android SDK. App open ads can be closed at any time, and are designed to be shown when your users bring your app to the foreground. As you observed, the app open ads is not shown when your app first got lunched. Assuming your react native app might take some time to show up, you might think of showing a loading spinner to the users. What if you can show a full screen ads instead? In this post, I will guide you how to implement an App launch ads via Interstitial Ads. By doing so, you can monetize your app and also engage the users with a rich content rather than a ugly waiting screen before your app ready. Use Interstitial Ads first of all, you still need to follow the interstitial implementation guide to integrate the SDK. I created a sample launch ads manager java class for your reference. load Interstitial Ads in MainActivity::onCreate callback Ads need time to load too Things you need to know is that it always takes some to load the Ads too. Things might be worse if the network is not that fast. Just as it's important to make sure you display interstitial ads at an appropriate time, it's also important to make sure the user doesn't have to wait for them to load. Loading the ad in advance by calling load() before you intend to call show() can ensure that your app has a fully loaded interstitial ad at the ready when the time comes to display one. Core Idea In order to avoid user see empty screen while waiting for the launch ads or the ready app, I split the app start up stage into a few steps: 1. request launch ads in MainActivity::onCreate callback 2. React App show loading spinner(meanwhile prepare user data) 3. Show ads on screen once loaded 4. User closes the ads, native inform to React app ads is dismissed 5. React app hide the loading spinner and show the app with user data For step 2, you can refer to my previous post, How to display full screen animated gif for your react native app? The major part is React app need to know the native ads state and change its state accordingly and render proper content to user. Please see my next post: How to pass properties from native(Android) to React Native? References Android App Open Ads App Open Ads | Android | Google Developers Google Developers Android App Interstitial Ads Interstitial ads | Android | Google Developers Google Developers Communication between native and React Native Communication between native and React Native · React Native In Integrating with Existing Apps guide and Native UI Components guide we learn how to embed React Native in a native component and vice versa. When we mix native and React Native components, we’ll eventually find a need to communicate between these two worlds. Some ways to achieve that have been al… React Native Post, Code and Quiet Time. © 2023 – Unsubscribe