Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 29 Jul 2018 22:14:44 -0400
From:      David Mehler <dave.mehler@gmail.com>
To:        freebsd-questions <freebsd-questions@freebsd.org>
Subject:   acme.sh question and potential site slowness
Message-ID:  <CAPORhP7YBsrGA7gTugWvj8GQ4syV0iBY1_OAj3n0VjmBK4sqqQ@mail.gmail.com>
next in thread | raw e-mail | index | archive | help 
Hello,

I'm using acme.sh from ports on freebsd 11.1.I've deployed a wildcard
certificate but my site seems to load slower. It's a perception thing.
Can someone take a look at these commands for generating and
installing the certificate make sure I didn't miss something?

Thanks.
Dave.
acme.sh --issue --dns dns_linode --dnssleep 900 -d example.com --ecc
-d '*.example.com' --keylength ec-384 --ocsp
acme.sh --installcert -d example.com --ecc --cert-file
"/usr/local/etc/ssl/acme/example.com/server-ec384.crt" --key-file
"/usr/local/etc/ssl/acme/example.com/privssl/server-ec384.key"
--ca-file "/usr/local/etc/ssl/acme/example.com/cacert.crt"
--fullchain-file "/usr/local/etc/ssl/acme/example.com/fullchain.crt"
--reloadcmd "sudo service apache24 reload && sudo dovecot reload &&
sudo postfix reload"

apache https configuration:
<VirtualHost *:80>
ServerName www.example.com
ServerAlias webmail.example.com:80
ServerAdmin webmaster@example.com
DocumentRoot /usr/vhosts/example.com/temp
LogLevel info

<IfModule mod_rewrite.c>
RewriteEngine On
    RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [QSA,L,R=301]
</IfModule>

<Directory "/usr/vhosts/example.com/temp/">
Options None
AllowOverride None
Require all granted
</Directory>
</VirtualHost>

<VirtualHost *:443>
ServerName www.example.com:443
ServerAlias webmail.example.com:443
ServerAdmin webmaster@example.com
DocumentRoot /usr/vhosts/example.com/temp
LogLevel info

<Directory "/usr/vhosts/example.com/temp">
Options None
AllowOverride None
Require all granted
</Directory>

SSLEngine on
SSLCertificateFile "/usr/local/etc/ssl/acme/example.com/server-ec384.crt"
SSLCertificateKeyFile
"/usr/local/etc/ssl/acme/example.com/privssl/server-ec384.key"
SSLCertificateChainFile "/usr/local/etc/ssl/acme/example.com/fullchain.crt"
SSLCACertificateFile "/usr/local/etc/ssl/acme/example.com/cacert.crt"
</VirtualHost>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPORhP7YBsrGA7gTugWvj8GQ4syV0iBY1_OAj3n0VjmBK4sqqQ>