acme.sh and certificate deployment
johnl at iecc.com
Sat Jul 28 01:35:00 UTC 2018
In article <CAPORhP6zXGcj5HHkWNUjWh9kWXmKc5xmV3Q9PiUzpXA4q84qtg at mail.gmail.com> you write:
>When I would do acme.sh --install-cert where do the certificates end up?
Wherever you tell it to put them. This would be a good time to try acme.sh --help
Also be sure to look at the --reloadcmd option, which lets you do whatever you need
to do once it's put the new certs where you told them to put them.
I use acme.sh with my local apache, works great. I can give you the
scripts but you wouldn't want them because the verification uses a
custom API on my DNS server.
>On 7/27/18, Andrea Venturoli <ml at netfence.it> wrote:
>> On 7/27/18 2:23 PM, David Mehler wrote:
>>> The thing that is holding me back is deployment, how do you deploy
>>> your tls certificates?
>> You once do "acme.sh --install-cert ..."
>> Then let "acme.sh --cron" do the rest periodically.
>>> Yesterday I did it manually but I only did it
>>> for one domain, copied the files where I wanted them and manually
>>> entered the tls information in apache's setup.
>> You'll still need to set up Apache (or other software) correctly, but
>> "acme.sh --install-cert" will copy them for you.
>>> I've got the cron script going so ideally i'd like to get a
>>> certificate renewed if needed cron takes care of that, then the
>>> certificate and key are deployed to where they need to go and the
>>> service or services are restarted.
>> That's exactly what "acme.sh --cron" does.
>>> My second question and this one is a curiousity, the certificates that
>>> are made end with a .cer extension, can I change this in the script?
>> Yes and no.
>> AFAIK, in acme.sh database they'll be .cer, but, since you shouldn't
>> mess directly with it, this should not matter.
>> When you use "acme.sh --install-cert" you can rename them as you like.
>freebsd-questions at freebsd.org mailing list
>To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions