Select Git revision
10_Installation.md
10_Installation.md 1.23 KiB
Installation
- Install acme.sh client: https://github.com/acmesh-official/acme.sh
- If you use Ansible/ Puppet/ ... to renew and deploy new certificates then you can deactivate the acme cronjob (
crontab -e) - Clone or extract files of iml-certman
- Make your changes by copying *dist files to file without ".dist" extension and edit
- inc_config.sh
- set credentials for dns api
- set path to acme.sh script; the default is a relative path for the suggested contellation below.
- optional: set custom target for generated certificates
- optional: for testing enable Let's Encrypt stage server to prevent running into weekly limits during tests
- optional: set a filter that must match to new certificate and all aliases
- UNUSED: templates/csr.txt
- set location, company and department ... remark: (currently?) it is removed by LE
- inc_config.sh
A suggested structure is having acme.sh and this wrapper below the same parent directory, i.e.
/opt/letsenecrypt/
|
+-- acme.sh/
| |
| + acme.sh
| + ...
|
+-- iml-certman/
|
+-- certs/
+-- templates/
+ cm.sh
+ inc_config.sh
+ ...Verify a new setup (or changes in the config) with ./cm.sh selftest.