[Yeti DNS Discuss] A public Yeti DNS resolver (but with TLS)

Stephane Bortzmeyer bortzmeyer at nic.fr
Thu Dec 29 18:11:03 UTC 2016

On Tue, Dec 27, 2016 at 07:53:49PM +0000,
 Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote 
 a message of 18 lines which said:

> it has a nice Let's Encrypt certificate. (I've set up a Nginx HTTP
> server at <https://dns-resolver.yeti.eu.org/>, ran "sudo certbot
> certonly --webroot -w /usr/share/nginx/html -d
> dns-resolver.yeti.eu.org"

Any certbot expert here? I configured cron to run "certbot renew" every

13 4 * *  *  certbot renew

But certbot is very talkative. On the standard output:

Processing /etc/letsencrypt/renewal/dns-resolver.yeti.eu.org.conf

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/dns-resolver.yeti.eu.org/fullchain.pem (skipped)
No renewals were attempted.

On the standard error (despite the fact there is no error!):

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Cert not yet due for renewal

To me, it violates a very important Unix design principle "when you
have nothing to say, shut up".

I do not find a way to make it "quiet" (output something only if there
is an error *or* if there is something to announce, such as an actual

More information about the discuss mailing list