Date: Thu, 18 Jan 2018 23:52:42 +0100 From: Peter Boosten <peter@boosten.org> To: David Mehler <dave.mehler@gmail.com> Cc: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: acme-client and multiple domains periodic renewal Message-ID: <E4D62E34-A9DD-4242-AB0B-575BB199782D@boosten.org> In-Reply-To: <CAPORhP5pgd%2BRL8v6SZ8YxQ9=qZ0F242y_OQ_LRxmHJpVcGyweA@mail.gmail.com> References: <CAPORhP4HzZedjTKq0bcUUTT%2BxUSPeEcR=h7-OfdjO84JRBChTg@mail.gmail.com> <21941967-64AB-4585-8F16-1323CF080E54@boosten.org> <CAPORhP5pgd%2BRL8v6SZ8YxQ9=qZ0F242y_OQ_LRxmHJpVcGyweA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi David,
I=E2=80=99ve defined the acme alias for every virtual host:
<VirtualHost something>
Alias /.well-known/acme-challenge "/usr/local/www/acme/"
SSLCertificateFile =E2=80=A6
SSLEngine on
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} !=3Don
RewriteRule .* https://%{HTTP_HOST}/%{REQUEST_URI} [R=3D301,L,QSA]
</IfModule>
<Directory "/usr/local/www/acme/">
Options None
AllowOverride None
ForceType text/plain
Require all granted
</Directory>
</VirtualHost>
The main difference between your and my configuration is the Alias. It =
took me a while to get this right.
/usr/local/etc/acme/acme-client.sh holds this:
BASEDIR=3D"/usr/local/etc/acme"
SSLDIR=3D"/usr/local/etc/ssl/acme"
DOMAINSFILE=3D"${BASEDIR}/domains.txt"
CHALLENGEDIR=3D"/usr/local/www/acme"
and=20
domains.txt:
domain.one www.domain.one sub.domain.one sub2.domain.one
I did some troubleshooting by running the acme-client (in =
/usr/local/bin) manually (don=E2=80=99t forget the -s, or else you will =
be blocked for some time).
Peter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E4D62E34-A9DD-4242-AB0B-575BB199782D>