From nobody Sat Apr 20 15:34:31 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VMFtg64Kvz5J12Z for ; Sat, 20 Apr 2024 15:34:35 +0000 (UTC) (envelope-from johnl@iecc.com) Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "gal.iecc.com", Issuer "Let's Encrypt Authority X3" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4VMFtg2P5pz4q2j for ; Sat, 20 Apr 2024 15:34:35 +0000 (UTC) (envelope-from johnl@iecc.com) Authentication-Results: mx1.freebsd.org; none Received: (qmail 18427 invoked from network); 20 Apr 2024 15:34:33 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=47f56623e089.k2404; bh=4MqMnrj12gEneihFOyDmjq45rQ2cEBi3shrUutJyx80=; b=HiML5uD9aXegRh12mj1HGzDVHJbPkJg7QnyR38YxSZ20ERrqK8FXmGtFZQAx8OaVSClXk2qmt+7gLtzmhm1UF2corgBzfdjhFhf7K9OMPTFWZlYl1oM8OU4HnM58SLTJI7VFp8LrNnmTaNCU/yB28JHVEWhNXr2N4P849DFWmiMgcSFvMqlz3xQjGqOXpMDJl8r2OD5uEVbtb9rjHDZG41d/9L3PbN/fJt2hgyLE4Ofpg0ZfQJWtHbMiM6gHcM4UE8xugQYxik9OVqkuFPglXqBco0K/esh8y24tabGVkGA5x4JUj41djCHiS+nuExYyqJPdr4RZiBwPPagwRSp+Aw== Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA CHACHA20-POLY1305 AEAD) via TCP6; 20 Apr 2024 15:34:32 -0000 Received: by ary.qy (Postfix, from userid 501) id 671268909CE2; Sat, 20 Apr 2024 11:34:31 -0400 (EDT) Date: 20 Apr 2024 11:34:31 -0400 Message-Id: <20240420153432.671268909CE2@ary.qy> From: "John Levine" To: freebsd-questions@freebsd.org Cc: jerry@seibercom.net Subject: Re: certbot In-Reply-To: <20240420091633.00002f24@seibercom.net> Organization: Taughannock Networks X-Headerized: yes Cleverness: minimal List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-questions@freebsd.org Sender: owner-freebsd-questions@FreeBSD.org Mime-Version: 1.0 Content-type: text/plain; charset=utf-8 Content-transfer-encoding: 8bit X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US] X-Rspamd-Queue-Id: 4VMFtg2P5pz4q2j It appears that Gerard E. Seibert said: >If I run the command from the command line, it works as expected. I did >place the following in the environment: CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1 >I still do not understand why this error only happens from CRON. Most likely because that variable is not there. Cron uses a standard rather sparse environment. See "man 5 crontab". In this case rather than messing with the script, just set the variable on the command line in the crontab, e.g. 0 1 * * * CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1 certbot ... R's, John