Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision |
module:letsyncrypt [2018/03/13 15:42] – Keys in the root section, not global keys deuce | module:letsyncrypt [2019/07/24 15:26] – [Setup] Beautification and added GroupReadableKeyFile digital man |
---|
If you have multiple domain names, you can have LetSyncrypt put them all in a single certificate, even if you have virtual hosts. Edit the ''[[dir:ctrl]]/letsyncrypt.ini'' file and add a [Domains] section where the key is the hostname, and the value is the web root for that domain: | If you have multiple domain names, you can have LetSyncrypt put them all in a single certificate, even if you have virtual hosts. Edit the ''[[dir:ctrl]]/letsyncrypt.ini'' file and add a [Domains] section where the key is the hostname, and the value is the web root for that domain: |
| |
<file> | <file ini> |
[Domains] | [Domains] |
nix.synchro.net=/sbbs/web/root | nix.synchro.net = /sbbs/web/root |
home.bbsdev.net=/sbbs/web/root | home.bbsdev.net = /sbbs/web/root |
gallery.bbsdev.net=/sbbs/web/root/gallery.bbsdev.net | gallery.bbsdev.net = /sbbs/web/root/gallery.bbsdev.net |
pics.bbsdev.net=/sbbs/web/root/pics.bbsdev.net | pics.bbsdev.net = /sbbs/web/root/pics.bbsdev.net |
</file> | </file> |
| |
This example has four domains (nix.synchro.net, home.bbsdev.net, gallery.bbsdev.net, and pics.bbsdev.net). The last two are virtual hosts, so have their web root as a subdirectory of the main web root. | This example has four domains (nix.synchro.net, home.bbsdev.net, gallery.bbsdev.net, and pics.bbsdev.net). The last two are virtual hosts, so have their web root as a subdirectory of the main web root. |
| |
You can specify the ACMEv2 endpoint using the ''Host'' and ''Directory'' keys in the [[config:ini_files#root_section|root section]]. ''Host'' is the domain name of the ACMEv2 endpoint, and ''Directory'' is appended to it to generate the URL that is fetched for the Directory object. You can also indicate that you agree to the Terms of Service by setting TOSAgreed to true. | You can specify the ACMEv2 endpoint using the ''Host'' and ''Directory'' keys in the [[config:ini_files#root_section|root section]]. ''Host'' is the domain name of the ACMEv2 endpoint, and ''Directory'' is appended to it to generate the URL that is fetched for the Directory object. You can also indicate that you agree to the Terms of Service by setting ''TOSAgreed = true''. |
| |
<file> | <file ini> |
Host=acme-staging-v02.api.letsencrypt.org | Host = acme-v02.api.letsencrypt.org |
Directory=/directory | Directory = /directory |
TOSAgreed=true | TOSAgreed = true |
| GroupReadableKeyFile = false |
</file> | </file> |
| |
Note that without the TOSAgreed=true line, you will likely never get a certificate, but the first few words in this file at present are "This Subscriber Agreement (“Agreement”) is a legally binding contract" | Note that without the ''TOSAgreed = true'' line, you will likely never get a certificate, but the first few words in this file at present are "This Subscriber Agreement (“Agreement”) is a legally binding contract" |
| |
Do not modify the ''State'' or ''key_id'' sections of this file. | Do not modify the ''[State]'' or ''[key_id]'' sections of this file. |
| |
===== Running Manually ===== | ===== Running Manually ===== |