mirror of
https://github.com/moepman/acertmgr.git
synced 2024-11-14 06:55:29 +01:00
Readme: Add hint for proper permission setting of keys
openssl genrsa > foo will allow group and world read. Add a hint that these permissions should be adjusted. Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
This commit is contained in:
parent
4fc23b52d6
commit
b3db2029e0
@ -23,6 +23,7 @@ First, you need to provide two key files for the ACME protocol:
|
||||
* The account key is expected at `/etc/acme/account.key`
|
||||
* The domain key is expected at `/etc/acme/server.key` (note: only one domain key is required for all domains used in the same instance of acertmgr)
|
||||
If you are missing these keys, you can create them using `openssl genrsa 4096 > /etc/acme/account.key` and `openssl genrsa 4096 > /etc/acme/server.key` respectively.
|
||||
* Do not forget to set proper permissions of the keys using `chmod 0400 /etc/acme/*.key`
|
||||
|
||||
Secondly, you should download the letsencrypt CA certificate:
|
||||
* wget -O /etc/acme/lets-encrypt-x3-cross-signed.pem https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem
|
||||
|
Loading…
Reference in New Issue
Block a user