147
edits
Changes
From SME Server
Jump to navigationJump to search
mLine 68:
Line 68: − + Line 74:
Line 74: + + Line 84:
Line 86: − +
→Installation of Letsencrypt.sh: Document test CA
#!/bin/bash
#!/bin/bash
# config
# config
# CA="https://acme-staging.api.letsencrypt.org/directory"
WELLKNOWN="/home/e-smith/files/ibays/Primary/html/.well-known/acme-challenge"
WELLKNOWN="/home/e-smith/files/ibays/Primary/html/.well-known/acme-challenge"
HOOK="/usr/local/bin/letsencrypt-hook.sh"
HOOK="/usr/local/bin/letsencrypt-hook.sh"
CONTACT_EMAIL="admin@yourdomain.com"
CONTACT_EMAIL="admin@yourdomain.com"
Ctrl-X to exit, Y to save.
Ctrl-X to exit, Y to save.
For testing purposes, it's recommended that you uncomment the third line (so it begins with "CA="). Any certificates issued while testing will not be trusted, but they will also not count against your rate limits. Once your configuration is set, you can comment out that line and re-run letsencrypt.sh.
You'll need to create a custom "hook" script to set the config database up properly, and to trigger reloads of your system services when a certificate is issued or renewed.
You'll need to create a custom "hook" script to set the config database up properly, and to trigger reloads of your system services when a certificate is issued or renewed.
KEY=$3
KEY=$3
CERT=$4
CERT=$4
CHAIN=${5/fullchain.pem/chain.pem}
CHAIN=$6
/sbin/e-smith/db configuration setprop modSSL key $KEY
/sbin/e-smith/db configuration setprop modSSL key $KEY
/sbin/e-smith/db configuration setprop modSSL crt $CERT
/sbin/e-smith/db configuration setprop modSSL crt $CERT
