From: Lukas Schauer Date: Sat, 19 Dec 2015 16:45:24 +0000 (+0100) Subject: readme: mores infos about WELLKNOWN X-Git-Tag: v0.1.0~96 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7b9683445a743a714b2aa1701c638d9c1d2ed820;p=thirdparty%2Fdehydrated.git readme: mores infos about WELLKNOWN --- diff --git a/README.md b/README.md index e2782be..a399781 100644 --- a/README.md +++ b/README.md @@ -49,18 +49,34 @@ example.net www.example.net wiki.example.net This states that there should be two certificates `example.com` and `example.net`, with the other domains in the corresponding line being their alternative names. -### example nginx config +### $WELLKNOWN / challenge-response -If you want to use nginx you can set up a location block to serve your challenge responses: +Boulder (acme-server) is looking for challenge responses under your domain in the `.well-known/acme-challenge` directory +This script uses `http-01`-type verification (for now) so you need to have the that directory available over normal http (no ssl). + +A full URL would look like `http://example.org/.well-known/acme-challenge/c3VjaC1jaGFsbGVuZ2UtbXVjaA-aW52YWxpZC13b3c`. + +An example setup to get this to work would be: + +nginx.conf: ``` +... location /.well-known/acme-challenge { - root /var/www/letsencrypt; + alias /var/www/letsencrypt; } +... +``` + +config.sh: +```bash +... +WELLKNOWN="/var/www/letsencrypt" +... ``` -For this to work i'd suggest either configuring `/var/www/letsencrypt` as WELLKNOWN directory, -or to create a symlink to the default location next to the script: `ln -s /var/www/letsencrypt .acme-challenges` +An alternative to setting the WELLKNOWN variable would be to create a symlink to the default location next to the script (or BASEDIR): +`ln -s /var/www/letsencrypt .acme-challenges` ## Import
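Review bot: In the nginx.conf example, `location /.well-known/acme-challenge` is a prefix match without a trailing slash, and with the switch from `root` to `alias` whatever follows that prefix in the request URI is appended directly to `/var/www/letsencrypt`. A URI that merely begins with the same string (say `/.well-known/acme-challenge-old/x`) would then resolve to a sibling path such as `/var/www/letsencrypt-old/x` rather than staying inside the challenge directory. Suggest terminating both with a slash so the mapping is confined to that directory: `location /.well-known/acme-challenge/ {` with `alias /var/www/letsencrypt/;`. Two wording nits in the added paragraph: "have the that directory" should read "have that directory", and the sentence ending in "`.well-known/acme-challenge` directory" is missing its full stop.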