diff --git a/certbot/0.grapheneos.network b/certbot/0.grapheneos.network index 29e0c03..bb5a6cf 100644 --- a/certbot/0.grapheneos.network +++ b/certbot/0.grapheneos.network @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name grapheneos.network \ -d grapheneos.network \ @@ -20,7 +20,7 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ -d dl.vanadium.app certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type rsa --rsa-key-size 3072 --reuse-key --preferred-chain "ISRG Root X1" \ + --key-type rsa --rsa-key-size 3072 --reuse-key \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name supl.grapheneos.org \ -d supl.grapheneos.org diff --git a/certbot/0.grapheneos.org b/certbot/0.grapheneos.org index dae111d..4162180 100644 --- a/certbot/0.grapheneos.org +++ b/certbot/0.grapheneos.org @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name grapheneos.org \ -d grapheneos.org \ diff --git a/certbot/0.ns2.grapheneos.org b/certbot/0.ns2.grapheneos.org index bb78bd9..8c9f776 100644 --- a/certbot/0.ns2.grapheneos.org +++ b/certbot/0.ns2.grapheneos.org @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name ns2.grapheneos.org \ -d ns2.grapheneos.org \ diff --git a/certbot/0.releases.grapheneos.org b/certbot/0.releases.grapheneos.org index a524c35..bed99f8 100644 --- a/certbot/0.releases.grapheneos.org +++ b/certbot/0.releases.grapheneos.org @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name releases.grapheneos.org \ -d releases.grapheneos.org \ diff --git a/certbot/attestation.app b/certbot/attestation.app index b8ea12c..b66d355 100644 --- a/certbot/attestation.app +++ b/certbot/attestation.app @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name attestation.app \ -d attestation.app \ diff --git a/certbot/discuss.grapheneos.org b/certbot/discuss.grapheneos.org index e4b5c08..7df0b19 100644 --- a/certbot/discuss.grapheneos.org +++ b/certbot/discuss.grapheneos.org @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name discuss.grapheneos.org \ -d discuss.grapheneos.org diff --git a/certbot/grapheneos.social b/certbot/grapheneos.social index 91aa415..0913e81 100644 --- a/certbot/grapheneos.social +++ b/certbot/grapheneos.social @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name grapheneos.social \ -d grapheneos.social \ diff --git a/certbot/mail.grapheneos.org b/certbot/mail.grapheneos.org index 07dd5b3..4dba296 100644 --- a/certbot/mail.grapheneos.org +++ b/certbot/mail.grapheneos.org @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type rsa --rsa-key-size 3072 --reuse-key --preferred-chain "ISRG Root X1" \ + --key-type rsa --rsa-key-size 3072 --reuse-key \ --deploy-hook "postfix reload; dovecot reload" \ --cert-name mail.grapheneos.org \ -d mail.grapheneos.org \ diff --git a/certbot/matrix.grapheneos.org b/certbot/matrix.grapheneos.org index c3b73a5..d421b8f 100644 --- a/certbot/matrix.grapheneos.org +++ b/certbot/matrix.grapheneos.org @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name matrix.grapheneos.org \ -d matrix.grapheneos.org \ diff --git a/certbot/mta-sts.mail.grapheneos.org b/certbot/mta-sts.mail.grapheneos.org index 05657d5..df86d92 100644 --- a/certbot/mta-sts.mail.grapheneos.org +++ b/certbot/mta-sts.mail.grapheneos.org @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name mta-sts.mail.grapheneos.org \ -d mail.grapheneos.org \ diff --git a/certbot/ns1.grapheneos.org b/certbot/ns1.grapheneos.org index 3053830..e5fd73a 100644 --- a/certbot/ns1.grapheneos.org +++ b/certbot/ns1.grapheneos.org @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name ns1.grapheneos.org \ -d ns1.grapheneos.org \ diff --git a/certbot/ns1.staging.grapheneos.org b/certbot/ns1.staging.grapheneos.org index 86ccf32..0c41a86 100644 --- a/certbot/ns1.staging.grapheneos.org +++ b/certbot/ns1.staging.grapheneos.org @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name ns1.staging.grapheneos.org \ -d ns1.staging.grapheneos.org \ diff --git a/certbot/staging.attestation.app b/certbot/staging.attestation.app index 9163d91..1b516b7 100644 --- a/certbot/staging.attestation.app +++ b/certbot/staging.attestation.app @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name staging.attestation.app \ -d staging.attestation.app diff --git a/certbot/staging.grapheneos.org b/certbot/staging.grapheneos.org index dbd6bd2..9742de4 100644 --- a/certbot/staging.grapheneos.org +++ b/certbot/staging.grapheneos.org @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ - --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ + --key-type ecdsa --reuse-key --must-staple \ --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name staging.grapheneos.org \ -d staging.grapheneos.org