From bb2686a08f8bd9fcff7cd3486a430b951caf9eb5 Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Mon, 13 Aug 2018 08:46:02 +0200 Subject: [PATCH] Update ACME documentation about TLS-ALPN challenge --- docs/configuration/acme.md | 34 ++++++++++++++++++++-------------- 1 file changed, 20 insertions(+), 14 deletions(-) diff --git a/docs/configuration/acme.md b/docs/configuration/acme.md index 07c10678f9..b7990a765e 100644 --- a/docs/configuration/acme.md +++ b/docs/configuration/acme.md @@ -102,29 +102,23 @@ entryPoint = "https" # # KeyType = "RSA4096" -# Domains list. -# Only domains defined here can generate wildcard certificates. +# Use a TLS-ALPN-01 ACME challenge. # -# [[acme.domains]] -# main = "local1.com" -# sans = ["test1.local1.com", "test2.local1.com"] -# [[acme.domains]] -# main = "local2.com" -# [[acme.domains]] -# main = "*.local3.com" -# sans = ["local3.com", "test1.test1.local3.com"] +# Optional (but recommended) +# +[acme.tlsChallenge] # Use a HTTP-01 ACME challenge. # -# Optional (but recommended) +# Optional # -[acme.httpChallenge] +# [acme.httpChallenge] # EntryPoint to use for the HTTP-01 challenges. # # Required # - entryPoint = "http" + # entryPoint = "http" # Use a DNS-01 ACME challenge rather than HTTP-01 challenge. # Note: mandatory for wildcard certificate generation. @@ -147,6 +141,18 @@ entryPoint = "https" # Default: 0 # # delayBeforeCheck = 0 + +# Domains list. +# Only domains defined here can generate wildcard certificates. +# +# [[acme.domains]] +# main = "local1.com" +# sans = ["test1.local1.com", "test2.local1.com"] +# [[acme.domains]] +# main = "local2.com" +# [[acme.domains]] +# main = "*.local3.com" +# sans = ["local3.com", "test1.test1.local3.com"] ``` ### `caServer` @@ -164,7 +170,7 @@ caServer = "https://acme-staging-v02.api.letsencrypt.org/directory" ### ACME Challenge -#### TLS Challenge +#### `tlsChallenge` Use the `TLS-ALPN-01` challenge to generate and renew ACME certificates by provisioning a TLS certificate.