moepman/acertmgr
1
0
Fork 0
mirror of https://github.com/moepman/acertmgr.git synced 2024-11-13 06:45:24 +01:00
Code Releases Activity

Readme: Add hint for proper permission setting of keys

Browse Source 
openssl genrsa > foo will allow group and world read. Add a hint that
these permissions should be adjusted.

Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
This commit is contained in:
Ralf Ramsauer 2016-04-09 20:53:23 +02:00 committed by Markus Hauschild
parent 4fc23b52d6
commit b3db2029e0
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -23,6 +23,7 @@ First, you need to provide two key files for the ACME protocol:
* The account key is expected at `/etc/acme/account.key`
* The domain key is expected at `/etc/acme/server.key` (note: only one domain key is required for all domains used in the same instance of acertmgr)
If you are missing these keys, you can create them using `openssl genrsa 4096 > /etc/acme/account.key` and `openssl genrsa 4096 > /etc/acme/server.key` respectively.
* Do not forget to set proper permissions of the keys using `chmod 0400 /etc/acme/*.key`
Secondly, you should download the letsencrypt CA certificate:
* wget -O /etc/acme/lets-encrypt-x3-cross-signed.pem https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem