From 3d7e8f4dd9a58255cf7d426824b53e68155b536c Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Fri, 14 May 2021 15:54:16 +0100 Subject: Add instructions to generate wildcard certificate This will speed up the process. Just having to generate one. --- README.md | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 425409b4..fb404f27 100644 --- a/README.md +++ b/README.md @@ -462,8 +462,7 @@ of the subdomains: cd letsencrypt.sh cat >domains.txt <<'EOF' - baserock.org - docs.baserock.org download.baserock.org irclogs.baserock.org ostree.baserock.org paste.baserock.org spec.baserock.org + *.baserock.org > star_baserock_org EOF And the `config` file needed: @@ -495,18 +494,18 @@ certificates that are present in `certs` and `private` you will have to: mkdir -p tmp/private tmp/certs # Create some full certs including key for some services that need it this way - cat docs.baserock.org/cert.csr docs.baserock.org/cert.pem docs.baserock.org/chain.pem docs.baserock.org/privkey.pem > tmp/private/frontend-with-key.pem + cat star_baserock_org/cert.csr star_baserock_org/cert.pem star_baserock_org/chain.pem star_baserock_org/privkey.pem > tmp/private/frontend-with-key.pem # Copy key files - cp docs.baserock.org/privkey.pem tmp/private/frontend.pem + cp star_baserock_org/privkey.pem tmp/private/frontend.pem # Copy cert files - cp docs.baserock.org/cert.csr tmp/certs/frontend.csr - cp docs.baserock.org/cert.pem tmp/certs/frontend.pem - cp docs.baserock.org/chain.pem tmp/certs/frontend-chain.pem + cp star_baserock_org/cert.csr tmp/certs/frontend.csr + cp star_baserock_org/cert.pem tmp/certs/frontend.pem + cp star_baserock_org/chain.pem tmp/certs/frontend-chain.pem # Create full certs without keys - cat docs.baserock.org/cert.csr docs.baserock.org/cert.pem docs.baserock.org/chain.pem > tmp/certs/frontend-full.pem + cat star_baserock_org/cert.csr star_baserock_org/cert.pem star_baserock_org/chain.pem > tmp/certs/frontend-full.pem Before replacing the current ones, make sure you **encrypt** the ones that contain keys (located in `private` folder): -- cgit v1.2.1