Исправление
Oxdeadbeef,
(текущая версия)
:
acme-client.conf:
authority letsencrypt {
agreement url "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
api url "https://acme-v01.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-privkey.pem"
}
authority letsencrypt-staging {
agreement url "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
api url "https://acme-staging.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-staging-privkey.pem"
}
#domain example.com {
# alternative names { secure.example.com }
# domain key "/etc/ssl/private/example.com.key"
# domain certificate "/etc/ssl/example.com.crt"
# domain full chain certificate "/etc/ssl/example.com.fullchain.pem"
# sign with letsencrypt
#}
domain 1t.ru {
alternative names { www.1t.ru }
domain key "/etc/ssl/acme/private/1t.ru.key"
domain certificate "/etc/ssl/acme/1t.ru.crt"
domain full chain certificate "/etc/ssl/acme/1t.ru.pem"
sign with letsencrypt
}
/etc/httpd.conf:
server "1t.ru" {
listen on egress port 80
#listen on egress tls port 443
#tls certificate "/etc/ssl/acme/1t.ru.pem"
#tls key "/etc/ssl/acme/private/1t.ru.key"
no log
location "/.well-known/acme-challenge/*" {
root "/acme"
root strip 2
}
root "/htdocs"
}
types {
include "/usr/share/misc/mime.types"
}
# acme-client -vAD 1t.ru
После получения сертификата, можно откоменнтировать SSL поддержку в /etc/httpd.conf.
Исправление
Oxdeadbeef,
:
acme-client.conf:
authority letsencrypt {
agreement url "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
api url "https://acme-v01.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-privkey.pem"
}
authority letsencrypt-staging {
agreement url "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
api url "https://acme-staging.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-staging-privkey.pem"
}
#domain example.com {
# alternative names { secure.example.com }
# domain key "/etc/ssl/private/example.com.key"
# domain certificate "/etc/ssl/example.com.crt"
# domain full chain certificate "/etc/ssl/example.com.fullchain.pem"
# sign with letsencrypt
#}
domain 1t.ru {
alternative names { www.1t.ru }
domain key "/etc/ssl/acme/private/1t.ru.key"
domain certificate "/etc/ssl/acme/1t.ru.crt"
domain full chain certificate "/etc/ssl/acme/1t.ru.pem"
sign with letsencrypt
}
/etc/httpd.conf:
server "1t.ru" {
listen on egress port 80
#listen on egress tls port 443
#tls certificate "/etc/ssl/acme/1t.ru.pem"
#tls key "/etc/ssl/acme/private/1t.ru.key"
no log
location "/.well-known/acme-challenge/*" {
root "/acme"
root strip 2
}
root "/htdocs"
}
types {
include "/usr/share/misc/mime.types"
}
# acme-client -vAD 1t.ru
После получения сертификата, можно откоменнтировать SSL поддержку в /etc/httpd.conf,
Исправление
Oxdeadbeef,
:
authority letsencrypt {
agreement url "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
api url "https://acme-v01.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-privkey.pem"
}
authority letsencrypt-staging {
agreement url "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
api url "https://acme-staging.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-staging-privkey.pem"
}
#domain example.com {
# alternative names { secure.example.com }
# domain key "/etc/ssl/private/example.com.key"
# domain certificate "/etc/ssl/example.com.crt"
# domain full chain certificate "/etc/ssl/example.com.fullchain.pem"
# sign with letsencrypt
#}
domain 1t.ru {
alternative names { www.1t.ru }
domain key "/etc/ssl/acme/private/1t.ru.key"
domain certificate "/etc/ssl/acme/1t.ru.crt"
domain full chain certificate "/etc/ssl/acme/1t.ru.pem"
sign with letsencrypt
}
/etc/httpd.conf:
server "1t.ru" {
listen on egress port 80
#listen on egress tls port 443
#tls certificate "/etc/ssl/acme/1t.ru.pem"
#tls key "/etc/ssl/acme/private/1t.ru.key"
no log
location "/.well-known/acme-challenge/*" {
root "/acme"
root strip 2
}
root "/htdocs"
}
types {
include "/usr/share/misc/mime.types"
}
# acme-client -vAD 1t.ru
примерно...
Исходная версия
Oxdeadbeef,
:
authority letsencrypt {
agreement url "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
api url "https://acme-v01.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-privkey.pem"
}
authority letsencrypt-staging {
agreement url "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
api url "https://acme-staging.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-staging-privkey.pem"
}
#domain example.com {
# alternative names { secure.example.com }
# domain key "/etc/ssl/private/example.com.key"
# domain certificate "/etc/ssl/example.com.crt"
# domain full chain certificate "/etc/ssl/example.com.fullchain.pem"
# sign with letsencrypt
#}
domain 1t.ru {
alternative names { www.1t.ru }
domain key "/etc/ssl/acme/private/1t.ru.key"
domain certificate "/etc/ssl/acme/1t.ru.crt"
domain full chain certificate "/etc/ssl/acme/1t.ru.pem"
sign with letsencrypt
}
# acme-client -vAD 1t.ru
примерно...