Last active
July 27, 2017 11:23
-
-
Save david-rahrer/5a9e8cbf34b7b60e3677272c19e168d4 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Uncomment and modify any variables you need | |
# see https://github.com/srvrco/getssl/wiki/Config-variables for details | |
# see https://github.com/srvrco/getssl/wiki/Example-config-files for example configs | |
# | |
# The staging server is best for testing | |
#CA="https://acme-staging.api.letsencrypt.org" | |
# This server issues full certificates, however has rate limits | |
#CA="https://acme-v01.api.letsencrypt.org" | |
#PRIVATE_KEY_ALG="rsa" | |
# Additional domains - this could be multiple domains / subdomains in a comma separated list | |
# Note: this is Additional domains - so should not include the primary domain. | |
SANS=www.domain.com | |
# Acme Challenge Location. The first line for the domain, the following ones for each additional domain. | |
# If these start with ssh: then the next variable is assumed to be the hostname and the rest the location. | |
# An ssh key will be needed to provide you with access to the remote server. | |
# Optionally, you can specify a different userid for ssh/scp to use on the remote server before the @ sign. | |
# If left blank, the username on the local server will be used to authenticate against the remote server. | |
# If these start with ftp: then the next variables are ftpuserid:ftppassword:servername:ACL_location | |
# These should be of the form "/path/to/your/website/folder/.well-known/acme-challenge" | |
# where "/path/to/your/website/folder/" is the path, on your web server, to the web root for your domain. | |
#ACL=('/var/www/domain.com/web/.well-known/acme-challenge' | |
# 'ssh:server5:/var/www/domain.com/web/.well-known/acme-challenge' | |
# 'ssh:sshuserid@server5:/var/www/domain.com/web/.well-known/acme-challenge' | |
# 'ftp:ftpuserid:ftppassword:domain.com:/web/.well-known/acme-challenge') | |
#Set USE_SINGLE_ACL="true" to use a single ACL for all checks | |
#USE_SINGLE_ACL="false" | |
# Location for all your certs, these can either be on the server (full path name) | |
# or using ssh /sftp as for the ACL | |
DOMAIN_CERT_LOCATION="/etc/ssl/domain.com/domain.com.crt" | |
DOMAIN_KEY_LOCATION="/etc/ssl/domain.com/domain.com.key" | |
CA_CERT_LOCATION="/etc/ssl/domain.com/chain.crt" | |
#DOMAIN_CHAIN_LOCATION="" # this is the domain cert and CA cert | |
DOMAIN_PEM_LOCATION="/etc/ssl/domain.com/domain.com.pem" # this is the domain_key. domain cert and CA cert | |
# The command needed to reload apache / nginx or whatever you use | |
RELOAD_CMD="systemctl restart nginx.service" | |
# Define the server type. This can be https, ftp, ftpi, imap, imaps, pop3, pop3s, smtp, | |
# smtps_deprecated, smtps, smtp_submission, xmpp, xmpps, ldaps or a port number which | |
# will be checked for certificate expiry and also will be checked after | |
# an update to confirm correct certificate is running (if CHECK_REMOTE) is set to true | |
#SERVER_TYPE="https" | |
#CHECK_REMOTE="true" | |
# Use the following 3 variables if you want to validate via DNS | |
#VALIDATE_VIA_DNS="true" | |
#DNS_ADD_COMMAND= | |
#DNS_DEL_COMMAND= | |
#AUTH_DNS_SERVER="" | |
#DNS_WAIT=10 | |
#DNS_EXTRA_WAIT=60 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment