mirror of
https://git.freebsd.org/ports.git
synced 2025-06-19 19:50:31 -04:00
9b6f8163df
Lego is a new let's encrypt client write in Go with support for number of ACME challenges and no external dependencies. PR: 237349 Submitted by: Matthew Horan <matt@matthoran.com>
37 lines
1.1 KiB
Text
37 lines
1.1 KiB
Text
|
|
There are example scripts in
|
|
%%ETCDIR%%
|
|
that you can use for renewing and deploying certificates.
|
|
|
|
In order to run the script regularly to update the certificates add this line
|
|
to /etc/periodic.conf:
|
|
|
|
weekly_lego_enable="YES"
|
|
|
|
Additionally the following parameters may be added to /etc/periodic.conf:
|
|
|
|
Script to run to renew certificates, will be run as %%LEGO_USER%% (required)
|
|
weekly_lego_renewscript="%%ETCDIR%%/lego.sh"
|
|
|
|
To run a script after the renewal to deploy certificates
|
|
weekly_lego_deployscript="%%ETCDIR%%/deploy.sh"
|
|
|
|
If using the example renew script, add the domains for which lego will manage
|
|
certificates to
|
|
%%ETCDIR%%/domains.txt, one domain on each line.
|
|
|
|
To add a Subject Alternate Name to the certificate, append the domain(s) to the
|
|
line:
|
|
example.com www.example.com
|
|
|
|
To run lego for the first time, edit
|
|
%%ETCDIR%%/lego.sh
|
|
and set the EMAIL variable.
|
|
|
|
Then run lego.sh with the run argument as the %%LEGO_USER%% user:
|
|
$ %%ETCDIR%%/lego.sh run
|
|
|
|
Subsequent periodic runs will run with the renew argument by default, with a
|
|
renewal interval of 30 days.
|
|
|
|
|