Skip to content

Instantly share code, notes, and snippets.


J.C. Jones jcjones

View GitHub Profile
import socket
import struct
import sys
# We want unbuffered stdout so we can provide live feedback for
# each TTL. You could also use the "-u" flag to Python.
class flushfile(file):
def __init__(self, f):

Keybase proof

I hereby claim:

  • I am jcjones on github.
  • I am pug ( on keybase.
  • I have a public key whose fingerprint is EA9F F90C 541F 3487 2CA0 26FB BD4E B26B 978D F884

To claim this, I am signing this object:

jcjones / Boulder Docker Scripts
Last active Jun 30, 2018
Scripts to run a Dockerized copy of Boulder with CFSSL.
View Boulder Docker Scripts
These scripts help you to run Boulder + CFSSL in Docker in monolithic mode.
Easy use:
git clone boulder-docker
cd boulder-docker/
./ start
Note: You will need to execute `` as a user with privileges to access Docker.
jcjones /
Last active Aug 29, 2015
Run from the Boulder directory so that ./test/test-ca.pem is available.
# run from Boulder dev directory
openssl ocsp -no_nonce -reqout /tmp/ocsp.req \
-issuer ${CA_CERT} \
-serial ${SERIAL} \
View git-push-review
TOPIC=$(git symbolic-ref --short HEAD 2>/dev/null)
die() {
echo $@
exit 1
git pull --rebase origin ${DEST} || die
jcjones / user-agents-2016-01-11.csv
Created Jan 11, 2016
User Agents in LE Production, 12 hour period, 11 Jan 2016
View user-agents-2016-01-11.csv
user_agent _approxcount percentage
Go 1.1 package http 667546 63.69%
- 77436 7.39%
LetsEncryptPythonClient/0.1.1 (Ubuntu 14.04) Authenticator/webroot Installer/none 35653 3.40%
LiveConfig (2.0.1) 25291 2.41%
Go-http-client/1.1 24507 2.34%
acme-python 22750 2.17%
LetsEncryptPythonClient/0.1.1 (Ubuntu 15.10) Authenticator/webroot Installer/none 15648 1.49%
LetsEncryptPythonClient/0.1.1 (debian 7.9) Authenticator/webroot Installer/none 14265 1.36%
LetsEncryptPythonClient/0.1.1 (Ubuntu 12.04) Authenticator/webroot Installer/none 12466 1.19%
jcjones /
Last active Oct 11, 2016
Cron script to renew Let's Encrypt certs using the official client
# This is free and unencumbered software released into the public domain.
# This script is designed to be run daily by cron. Please run it with randomness in its timing to
# avoid load spikes at Let's Encrypt. One example, running between midnight at 2 AM, would be:
# 0 0 * * * sleep $[(RANDOM % 115)+5]m ; /usr/sbin/
# If you aren't using Nginx, adjust the startServer and stopServer methods to suit. Also, you could
# use the webroot method.
jcjones / letsencrypt-ct-sql-views.sql
Last active Feb 22, 2016
Useful views for the ct-sql database
View letsencrypt-ct-sql-views.sql
CREATE VIEW `le_certificate` AS
`certificate`.`certID` AS `certID`,
`certificate`.`serial` AS `serial`,
`certificate`.`issuerID` AS `issuerID`,
`certificate`.`subject` AS `subject`,
`certificate`.`notBefore` AS `notBefore`,
`certificate`.`notAfter` AS `notAfter`
jcjones / AvgNumberOfNames.sql
Created Feb 21, 2016
How many DNS Names are, on average, in each certificate issued by Let's Encrypt?
View AvgNumberOfNames.sql
name AS n