NTS: removed "not implemented" on server ca
hmurray at megapathdsl.net
Tue Apr 2 23:10:35 UTC 2019
> If nts in on the server line, any failure should be fatal.
If the "nts" is after the error, the parser won't see it.
>> You can switch the log file from the command line.
> I'd prefer a sane default.
The default is syslog.
I think most distros have some way to split the syslog stuff into various
> On that note, when NTS returns "pi3.rellim.com", how do I tell NTPD to use
> the IPv4 or IPv6?
That's what the -4 or -6 after "server" does. Works for NTS the same way it
does for DNS.
> Also, still broken for me when the fullchain.pem is in /tmp:
No (easy/reasonable) way that I know of to fix that. The API I'm using works
with root certs.
> Well, I don't have one. Remember, LE has no "the root cert".
Sure it does. It's already installed on your system so the normal case works.
> Well, that is wrong. I want a cert in the chain of the server I'm trying to
> NTS to. Specifically NOT a system root cert.
Sorry. I don't see how to provide that.
These are my opinions. I hate spam.
More information about the devel