|Summary:||User notes mod_md v2.2.0 (log)messages|
|Product:||Apache httpd-2||Reporter:||Steffen <info>|
|Component:||mod_md||Assignee:||Apache HTTPD Bugs Mailing List <bugs>|
Description Steffen 2019-10-23 09:11:23 UTC
Already posted this on dev list, but maybe better to post here. Mod_md v2.2.0 from trunk did a complete cycle with "renew-window": "86d" and "warn-window": "87d", All looks fine including the stapling renew, but some user notes: The mod_md times are in the log and mod_status in GMT, it should be better the computer/local time zone and not only in GMT, this like mod_status and log does. ===server-status [Sun Oct 20 08:50:46] Activity: Renew in ~4 hours After that ~4hours the renew time has reached but not run yet: ===server-status [Sun Oct 20 16:50] Activity: Ongoing... Maybe better a message that explains what is ongoing ? When the time for the next run has reached, it is renewed : ===server-status [Sun Oct 20 18:56:10] Activity: The certificate for the managed domain has been renewed successfully and can be used from Mon, 21 Oct 2019 15:56:08 GMT on. Next run in ~22 hours It is already valid/usable by restarting Apache and we do not have to wait ~22 hours. It conflicts also with the Valid-From date in the certificate which is a day earlier (the real valid date), that is Sun, 20 Oct 2019 15:56:08 GMT Maybe better to explain more ? After that ~22 hours the Notify command starts my script which restarts Apache, and we have the new certificate running :) When Loglevel is info: the only entry from mod_md during the cycle is with the restart : [Mon Oct 21 18:01:54.277303 2019] [md:info] [pid 8656:tid 776] AH10068: apachelounge.com: staged set activated Maybe to consider more log entries for loglevel info. Suggestion log every status change from server-status Activity. Also there is a job.json file left in the md/tmp. This file has more info then the copied file to md/domains, namely is contains also at the top: ... "detail": "new certificate successfully saved in domains", "activity": "moving tmp to become new domains" ... "type": "message-installed" I think it is save to delete the md/temp/job.json ?