Thursday, July 06, 2017

Re: [OpenBSD 6.1] acme-client + nginx

On 07/06/17 at 12:03, Stuart Henderson wrote:
(...)
>
> /usr/local/www seems unlikely on OpenBSD.
>
> I just have
>
> location /.well-known/acme-challenge { root /var/www/letsencrypt/; }
>
> and
>
> challengedir "/var/www/letsencrypt/.well-known/acme-challenge"
>
> but there are several ways you can configure this. (e.g. you might want
> to use a different directory layout if you have anything else that uses
> the RFC5785 .well-known URIs). It doesn't matter what you use as long as
> letsencrypt can fetch the file that acme-client wrote.
>
>

OK, it runs correctly, as you wrote.

I changed nginx:

location ^~ /.well-known/acme-challenge {
    allow all;
    #default_type "text/plain";
    root /var/www/acme/test.obsd4a.net/;
}

I changed acme-client.conf:

challengedir "/var/www/acme/test.obsd4a.net/.well-known/acme-challenge"

And, the result is:

$ doas acme-client -vAD test.obsd4a.net
acme-client: /etc/ssl/acme/private/test.obsd4a.net-privkey.pem: domain key exists (not creating)
acme-client: /etc/acme/letsencrypt-privkey.pem: account key exists (not creating)
acme-client: https://acme-v01.api.letsencrypt.org/directory: directories
acme-client: acme-v01.api.letsencrypt.org: DNS: 184.87.72.109
acme-client: https://acme-v01.api.letsencrypt.org/acme/new-authz: req-auth: test.obsd4a.net
acme-client: /var/www/acme/test.obsd4a.net/.well-known/acme-challenge/cugIljWXyalHSHnsOa51W4BoBEW5n0_JctHP8Y59l8U: created
acme-client: https://acme-v01.api.letsencrypt.org/acme/challenge/_8nN0V__nplwfEcqpwa698yd4bKBywHRWrOj8Hl33I8/1489582140: challenge
acme-client: https://acme-v01.api.letsencrypt.org/acme/challenge/_8nN0V__nplwfEcqpwa698yd4bKBywHRWrOj8Hl33I8/1489582140: status
acme-client: https://acme-v01.api.letsencrypt.org/acme/new-cert: certificate
acme-client: http://cert.int-x3.letsencrypt.org/: full chain
acme-client: cert.int-x3.letsencrypt.org: DNS: 88.221.234.34
acme-client: /etc/ssl/acme//test.obsd4a.net-chain.pem: created
acme-client: /etc/ssl/acme/test.obsd4a.net-cert.pem: created
acme-client: /etc/ssl/acme//test.obsd4a.net-fullchain.pem: created

Thank you! :D


--
~ " Fully Basic System Distinguish Life! " ~ " Libre as a BSD " +=<<<
----
<me>Stephane HUC as PengouinBSD or CIOTBSD</me>
<mail>bsd@stephane-huc.net</mail>
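
The thread's point is that the file acme-client writes under challengedir must be the same file nginx serves for /.well-known/acme-challenge/<token>. The following check is an added example, not part of the original messages and not code from acme-client or nginx; the function names, the token value and the embedded config strings are constructed for illustration. It goes slightly beyond the thread by also handling nginx's alias directive, which replaces the location prefix instead of appending the full URI as root does.

```python
import posixpath
import re

# Constructed inputs: the two settings quoted in the message above.
NGINX_CONF = """
location ^~ /.well-known/acme-challenge {
    allow all;
    root /var/www/acme/test.obsd4a.net/;
}
"""
ACME_CONF = 'challengedir "/var/www/acme/test.obsd4a.net/.well-known/acme-challenge"'

# Only plain and ^~ prefix locations are handled; regex locations are rejected.
LOCATION_RE = re.compile(r'location\s+(?:\^~\s+)?(?P<prefix>/\S*)\s*\{(?P<body>[^}]*)\}')
DIRECTIVE_RE = re.compile(r'^\s*(?P<kind>root|alias)\s+"?(?P<path>[^";\s]+)"?\s*;', re.M)
CHALLENGEDIR_RE = re.compile(r'^\s*challengedir\s+"(?P<path>[^"]+)"', re.M)


def served_path(nginx_conf, token):
    """Return the file nginx would read for GET <prefix>/<token>."""
    loc = LOCATION_RE.search(nginx_conf)
    if loc is None:
        raise ValueError("no prefix location block found")
    directive = DIRECTIVE_RE.search(loc.group("body"))
    if directive is None:
        raise ValueError("location has neither root nor alias")
    prefix = loc.group("prefix")
    uri = prefix.rstrip("/") + "/" + token
    if directive.group("kind") == "root":
        path = directive.group("path") + uri                # root: full URI is appended
    else:
        path = directive.group("path") + uri[len(prefix):]  # alias: prefix is replaced
    return posixpath.normpath(path)


def check(nginx_conf, acme_conf, token="constructed-token"):
    """Return (match, path acme-client writes, path nginx serves)."""
    m = CHALLENGEDIR_RE.search(acme_conf)
    if m is None:
        raise ValueError("no challengedir found")
    written = posixpath.normpath(posixpath.join(m.group("path"), token))
    served = served_path(nginx_conf, token)
    return written == served, written, served


if __name__ == "__main__":
    print(check(NGINX_CONF, ACME_CONF))
```

A False result with the two paths side by side shows where the layouts diverge, for example when root is pointed at the challenge directory itself and the .well-known/acme-challenge component ends up doubled in the served path.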
