diff options
author | Pedro Alvarez <pedro.alvarez@codethink.co.uk> | 2021-05-14 12:22:46 +0100 |
---|---|---|
committer | Pedro Alvarez <pedro.alvarez@codethink.co.uk> | 2021-05-14 12:22:46 +0100 |
commit | 02b42bdafeaa5da9a5104c2d6d1f09fffeeeaac3 (patch) | |
tree | ef37681c820615ece6ee60d1870752989a416db8 | |
parent | cd5d573fc8efd29c3b0ae4bf2879d860c1960a23 (diff) | |
download | infrastructure-02b42bdafeaa5da9a5104c2d6d1f09fffeeeaac3.tar.gz |
Use wildcard on SSL generation
This speeds up the process
-rw-r--r-- | README.md | 15 |
1 files changed, 7 insertions, 8 deletions
@@ -462,8 +462,7 @@ of the subdomains: cd letsencrypt.sh cat >domains.txt <<'EOF' - baserock.org - docs.baserock.org download.baserock.org irclogs.baserock.org ostree.baserock.org paste.baserock.org spec.baserock.org + *.baserock.org > wildcard_baserock_org EOF And the `config` file needed: @@ -495,18 +494,18 @@ certificates that are present in `certs` and `private` you will have to: mkdir -p tmp/private tmp/certs # Create some full certs including key for some services that need it this way - cat docs.baserock.org/cert.csr docs.baserock.org/cert.pem docs.baserock.org/chain.pem docs.baserock.org/privkey.pem > tmp/private/frontend-with-key.pem + cat wildcard_baserock_org/cert.csr wildcard_baserock_org/cert.pem wildcard_baserock_org/chain.pem wildcard_baserock_org/privkey.pem > tmp/private/frontend-with-key.pem # Copy key files - cp docs.baserock.org/privkey.pem tmp/private/frontend.pem + cp wildcard_baserock_org/privkey.pem tmp/private/frontend.pem # Copy cert files - cp docs.baserock.org/cert.csr tmp/certs/frontend.csr - cp docs.baserock.org/cert.pem tmp/certs/frontend.pem - cp docs.baserock.org/chain.pem tmp/certs/frontend-chain.pem + cp wildcard_baserock_org/cert.csr tmp/certs/frontend.csr + cp wildcard_baserock_org/cert.pem tmp/certs/frontend.pem + cp wildcard_baserock_org/chain.pem tmp/certs/frontend-chain.pem # Create full certs without keys - cat docs.baserock.org/cert.csr docs.baserock.org/cert.pem docs.baserock.org/chain.pem > tmp/certs/frontend-full.pem + cat wildcard_baserock_org/cert.csr wildcard_baserock_org/cert.pem wildcard_baserock_org/chain.pem > tmp/certs/frontend-full.pem Before replacing the current ones, make sure you **encrypt** the ones that contain keys (located in `private` folder): |