Date: Fri, 27 Jul 2018 19:32:04 -0400 From: David Mehler <dave.mehler@gmail.com> To: Andrea Venturoli <ml@netfence.it> Cc: freebsd-questions@freebsd.org Subject: Re: acme.sh and certificate deployment Message-ID: <CAPORhP6zXGcj5HHkWNUjWh9kWXmKc5xmV3Q9PiUzpXA4q84qtg@mail.gmail.com> In-Reply-To: <120e2cd3-b6a4-ac3d-714e-8597b88f95ed@netfence.it> References: <CAPORhP7bq_NiL7kt0iqVBfenfX9P_YWXbbY75L5bg7yWjEDrLw@mail.gmail.com> <120e2cd3-b6a4-ac3d-714e-8597b88f95ed@netfence.it>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, When I would do acme.sh --install-cert where do the certificates end up? Thanks. Dave. On 7/27/18, Andrea Venturoli <ml@netfence.it> wrote: > On 7/27/18 2:23 PM, David Mehler wrote: > >> The thing that is holding me back is deployment, how do you deploy >> your tls certificates? > > You once do "acme.sh --install-cert ..." > Then let "acme.sh --cron" do the rest periodically. > > > >> Yesterday I did it manually but I only did it >> for one domain, copied the files where I wanted them and manually >> entered the tls information in apache's setup. > > You'll still need to set up Apache (or other software) correctly, but > "acme.sh --install-cert" will copy them for you. > > > >> I've got the cron script going so ideally i'd like to get a >> certificate renewed if needed cron takes care of that, then the >> certificate and key are deployed to where they need to go and the >> service or services are restarted. > > That's exactly what "acme.sh --cron" does. > > > >> My second question and this one is a curiousity, the certificates that >> are made end with a .cer extension, can I change this in the script? > > Yes and no. > AFAIK, in acme.sh database they'll be .cer, but, since you shouldn't > mess directly with it, this should not matter. > When you use "acme.sh --install-cert" you can rename them as you like. > > > > bye > av. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPORhP6zXGcj5HHkWNUjWh9kWXmKc5xmV3Q9PiUzpXA4q84qtg>