Subj : Installing manually obtai
To   : DIGITAL MAN
From : Dumas Walker
Date : Sun Feb 15 2026 10:21 am

> ../../3rdp_src/cl/cryptlib.h:#define CRYPT_ERROR_NOTFOUND       ( -43 ) /*
> Requested item not found in object */

> Most likely, it just doesn't support the format of the .pem file.

> I think the --import option expects a pkcs7 certificate, while
> the --import-pkcs12 option expects a pkcs12 certificate.

> The utility works for those that know how to work it.

I might know how to work it if the docs were more clear about what needs to
be done.  I suspect that fullchain.pem and privkey.pem need to be cat/tee'd
together, in that order, to make it work.

Back to the letsyncrypt bug... after reading up on how Let's Encrypt works, I
can figure out the following:

(1) at some point, letsyncrypt hit an error that it either reported or
didn't know what to do with;
(2) after that, it kept reporting '0' even though it was *not* working
(BUG!);
(3) by the time the cert expired, evidence of whatever problem letsyncypt had
(assuming it reported it to begin with) was long gone;
(4) the other two or three options on the wiki were getting errors because
they likely require a valid cert to already be in place on the web server
end. Since letsyncypt had stopped working a while back, there wasn't one.

While researching Let's Encrypt, I found a lot of good resources regarding
using their certs with haproxy.  As I am already using haproxy for something
else so I put those good resources to use.  I was able to install the cert into
haproxy, set up new front and back ends for web traffic, and had a working
website again in < 30 minutes.

I started seeing some SMTPS errors so I put the self-signed cert back into
place in /ctrl and that seemed to fix those.


 * SLMR 2.1a * Anything good is either illegal, immoral or fattening.
---
 þ Synchronet þ CAPCITY2 * Capitol City Online

.