1
0
mirror of https://github.com/moepman/acertmgr.git synced 2024-11-14 06:55:29 +01:00

Readme: Add hint for proper permission setting of keys

openssl genrsa > foo will allow group and world read. Add a hint that
these permissions should be adjusted.

Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
This commit is contained in:
Ralf Ramsauer 2016-04-09 20:53:23 +02:00 committed by Markus Hauschild
parent 4fc23b52d6
commit b3db2029e0

View File

@ -23,6 +23,7 @@ First, you need to provide two key files for the ACME protocol:
* The account key is expected at `/etc/acme/account.key`
* The domain key is expected at `/etc/acme/server.key` (note: only one domain key is required for all domains used in the same instance of acertmgr)
If you are missing these keys, you can create them using `openssl genrsa 4096 > /etc/acme/account.key` and `openssl genrsa 4096 > /etc/acme/server.key` respectively.
* Do not forget to set proper permissions of the keys using `chmod 0400 /etc/acme/*.key`
Secondly, you should download the letsencrypt CA certificate:
* wget -O /etc/acme/lets-encrypt-x3-cross-signed.pem https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem