@p hey the majority of letsencrypt certs are done with certbot running as root, because how would you reload servers without root.
QOTO: Question Others to Teach Ourselves An inclusive, Academic Freedom, instance All cultures welcome. Hate speech and harassment strictly forbidden.
+bonifartius 𒂼𒄄
>certbot
Still amazes me that such a piece of junk is the most used acme client. Their fetish with systemd timers made them create hooks that didn't need to exist and barely any documentation on how they work exists.