Skip to content

Instantly share code, notes, and snippets.

import socket
import struct
import sys
# We want unbuffered stdout so we can provide live feedback for
# each TTL. You could also use the "-u" flag to Python.
class flushfile(file):
def __init__(self, f):
jcjones /
Created March 2, 2015 04:58
keybase proof

Keybase proof

I hereby claim:

  • I am jcjones on github.
  • I am pug ( on keybase.
  • I have a public key whose fingerprint is EA9F F90C 541F 3487 2CA0 26FB BD4E B26B 978D F884

To claim this, I am signing this object:

jcjones / Boulder Docker Scripts
Last active June 30, 2018 03:19
Scripts to run a Dockerized copy of Boulder with CFSSL.
These scripts help you to run Boulder + CFSSL in Docker in monolithic mode.
Easy use:
git clone boulder-docker
cd boulder-docker/
./ start
Note: You will need to execute `` as a user with privileges to access Docker.
jcjones /
Last active August 29, 2015 14:22
Run from the Boulder directory so that ./test/test-ca.pem is available.
# run from Boulder dev directory
openssl ocsp -no_nonce -reqout /tmp/ocsp.req \
-issuer ${CA_CERT} \
-serial ${SERIAL} \
TOPIC=$(git symbolic-ref --short HEAD 2>/dev/null)
die() {
echo $@
exit 1
git pull --rebase origin ${DEST} || die
jcjones / user-agents-2016-01-11.csv
Created January 11, 2016 16:06
User Agents in LE Production, 12 hour period, 11 Jan 2016
user_agent _approxcount percentage
Go 1.1 package http 667546 63.69%
- 77436 7.39%
LetsEncryptPythonClient/0.1.1 (Ubuntu 14.04) Authenticator/webroot Installer/none 35653 3.40%
LiveConfig (2.0.1) 25291 2.41%
Go-http-client/1.1 24507 2.34%
acme-python 22750 2.17%
LetsEncryptPythonClient/0.1.1 (Ubuntu 15.10) Authenticator/webroot Installer/none 15648 1.49%
LetsEncryptPythonClient/0.1.1 (debian 7.9) Authenticator/webroot Installer/none 14265 1.36%
LetsEncryptPythonClient/0.1.1 (Ubuntu 12.04) Authenticator/webroot Installer/none 12466 1.19%
jcjones /
Last active October 11, 2016 16:29
Cron script to renew Let's Encrypt certs using the official client
# This is free and unencumbered software released into the public domain.
# This script is designed to be run daily by cron. Please run it with randomness in its timing to
# avoid load spikes at Let's Encrypt. One example, running between midnight at 2 AM, would be:
# 0 0 * * * sleep $[(RANDOM % 115)+5]m ; /usr/sbin/
# If you aren't using Nginx, adjust the startServer and stopServer methods to suit. Also, you could
# use the webroot method.
jcjones / letsencrypt-ct-sql-views.sql
Last active February 22, 2016 23:29
Useful views for the ct-sql database
CREATE VIEW `le_certificate` AS
`certificate`.`certID` AS `certID`,
`certificate`.`serial` AS `serial`,
`certificate`.`issuerID` AS `issuerID`,
`certificate`.`subject` AS `subject`,
`certificate`.`notBefore` AS `notBefore`,
`certificate`.`notAfter` AS `notAfter`
jcjones / An Early Look at Let's Encrypt's
Last active February 21, 2016 15:39
ct-sql datasets, 2016-02-18
jcjones / AvgNumberOfNames.sql
Created February 21, 2016 04:49
How many DNS Names are, on average, in each certificate issued by Let's Encrypt?
name AS n