Skip to content

Instantly share code, notes, and snippets.

Avatar

J.C. Jones jcjones

View GitHub Profile
View keybase.md

Keybase proof

I hereby claim:

  • I am jcjones on github.
  • I am pug (https://keybase.io/pug) on keybase.
  • I have a public key whose fingerprint is EA9F F90C 541F 3487 2CA0 26FB BD4E B26B 978D F884

To claim this, I am signing this object:

@jcjones
jcjones / ocsp-demo-test.sh
Last active Aug 29, 2015
Run from the Boulder directory so that ./test/test-ca.pem is available.
View ocsp-demo-test.sh
#!/bin/bash
# run from Boulder dev directory
OCSP="http://ocsp.int-x1.letsencrypt.org/"
CA_CERT="test/test-ca.pem"
SERIAL=0x02000000000000016DD50EDFA6DAAF26
openssl ocsp -no_nonce -reqout /tmp/ocsp.req \
-issuer ${CA_CERT} \
-serial ${SERIAL} \
View git-push-review
#!/bin/bash
TOPIC=$(git symbolic-ref --short HEAD 2>/dev/null)
DEST=master
die() {
echo $@
exit 1
}
git pull --rebase origin ${DEST} || die
@jcjones
jcjones / user-agents-2016-01-11.csv
Created Jan 11, 2016
User Agents in LE Production, 12 hour period, 11 Jan 2016
View user-agents-2016-01-11.csv
user_agent _approxcount percentage
Go 1.1 package http 667546 63.69%
- 77436 7.39%
LetsEncryptPythonClient/0.1.1 (Ubuntu 14.04) Authenticator/webroot Installer/none 35653 3.40%
LiveConfig (2.0.1) 25291 2.41%
Go-http-client/1.1 24507 2.34%
acme-python 22750 2.17%
LetsEncryptPythonClient/0.1.1 (Ubuntu 15.10) Authenticator/webroot Installer/none 15648 1.49%
LetsEncryptPythonClient/0.1.1 (debian 7.9) Authenticator/webroot Installer/none 14265 1.36%
LetsEncryptPythonClient/0.1.1 (Ubuntu 12.04) Authenticator/webroot Installer/none 12466 1.19%
@jcjones
jcjones / AvgNumberOfNames.sql
Created Feb 21, 2016
How many DNS Names are, on average, in each certificate issued by Let's Encrypt?
View AvgNumberOfNames.sql
SELECT
AVG(count)
FROM
(SELECT
c.certID,
(SELECT
COUNT(n.name)
FROM
name AS n
WHERE
@jcjones
jcjones / letsencrypt-ct-sql-views.sql
Last active Feb 22, 2016
Useful views for the ct-sql database
View letsencrypt-ct-sql-views.sql
CREATE VIEW `le_certificate` AS
SELECT
`certificate`.`certID` AS `certID`,
`certificate`.`serial` AS `serial`,
`certificate`.`issuerID` AS `issuerID`,
`certificate`.`subject` AS `subject`,
`certificate`.`notBefore` AS `notBefore`,
`certificate`.`notAfter` AS `notAfter`
FROM
`certificate`
View IssuerToCompanyMap.sql
DROP TABLE IF EXISTS `company`;
DROP TABLE IF EXISTS `issuercompany`;
CREATE TABLE IF NOT EXISTS `company` (
`companyID` INT NOT NULL AUTO_INCREMENT,
`companyName` VARCHAR(255) NOT NULL,
PRIMARY KEY (`companyID`));
CREATE TABLE IF NOT EXISTS `issuercompany` (
`companyID` INT NOT NULL,
@jcjones
jcjones / letsencrypt-renew.sh
Last active Oct 11, 2016
Cron script to renew Let's Encrypt certs using the official client
View letsencrypt-renew.sh
#!/bin/bash
# This is free and unencumbered software released into the public domain.
#
# This script is designed to be run daily by cron. Please run it with randomness in its timing to
# avoid load spikes at Let's Encrypt. One example, running between midnight at 2 AM, would be:
#
# 0 0 * * * sleep $[(RANDOM % 115)+5]m ; /usr/sbin/letsencrypt-renew.sh
#
# If you aren't using Nginx, adjust the startServer and stopServer methods to suit. Also, you could
# use the webroot method.
View create_jks_from_nss_keystore.sh
#!/bin/bash
#
# Download the current NSS keystore from Mozilla-Central, and import it into
# a Java Keystore (JKS).
#
function ensure_in_path() {
prog=$1
shift