Skip to content
Snippets Groups Projects
Commit 1c8144f1 authored by Hahn Axel (hahn)'s avatar Hahn Axel (hahn)
Browse files

update readme

parent 1dd06659
Branches
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 8 additions and 5 deletions
readme.md
+ 8
5
View file @ 1c8144f1
......@@ -67,7 +67,7 @@ DEBUG: You can test and mess around. Do not use certs in production.
HELP
The basic syntax is
cm.sh ACTION [FQDN] [ALIAS_1 [.. ALIAS_N]]
cm.sh [--trace] ACTION [FQDN] [ALIAS_1 [.. ALIAS_N]]
The ACTIONs for SINGLE certificate handlings are:
......@@ -121,6 +121,10 @@ other ACTIONs
check of health with current setup and requirements.
This command is helpful for initial setups.
OPTIONS
--trace (it must be the 1st parameter)
the output additionally will be written into a tracelog file
below ./log.
DEBUG: Using Let's Encrypt STAGE environment ...
DEBUG: You can test and mess around. Do not use certs in production.
......@@ -131,8 +135,8 @@ DEBUG: You can test and mess around. Do not use certs in production.
A certificate is created for a host and can have additional DNS names (optional).
For integration into a system deployment with Ansible & co the `ensure` prameter
is the best choice because it detects what action is required.
The command
is the best choice because it detects what action is required.
The command
`[APPPATH]/cm.sh ensure www.example.com mail.example.com`
......@@ -145,10 +149,9 @@ The "manual way" with atomic actions is:
* Modify hostnames with add command `[APPPATH]/cm.sh add www.example.com mail.example.com newhost.example.com` what creates a new certificate. Optionally you can/ should revoke the existing certificate with the former host list before (see next command). The impact is: Your SSL certificate on the website is invalid up to the moment you create and deploy the new certificate what can take a few minutes. If you maintain many certificates with the same domain and the request limit is reached your application can be broken broken for an even longer time.
* Deletin the certificates includes a revoke `[APPPATH]/cm.sh delete www.example.com`
### Show certificate data
Use the listing `[APPPATH]/cm.sh list` or maybe filter it `[APPPATH]/cm.sh list | grep "mail."`
Use the listing `[APPPATH]/cm.sh list` or maybe filter it `[APPPATH]/cm.sh list | grep "mail."`
to get a list of existing certs an then use the hostname in the 1st column to show details:
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment