4 | | = How to configure x509 on any MF/PL Server = |
5 | | |
6 | | == If the machine is a mosh == |
7 | | |
8 | | Edit the server's .pp file and add the following to the "m_mosh" class declaration: |
9 | | |
10 | | {{{ |
11 | | x509_method => "letsencrypt" |
12 | | }}} |
13 | | |
14 | | == If the server is not a mosh, but is running apache == |
15 | | |
16 | | Run: |
17 | | |
18 | | {{{ |
19 | | mf-certbot /etc/apache2/sites-enables/SITE.CONF |
20 | | }}} |
21 | | |
22 | | Complete the path above pointing to the web configuration file configured to respond to the domains you want certified. |
23 | | |
24 | | == If the server is not a mosh and is running nginx == |
25 | | |
26 | | Please patch mf-certbot to work for nginx. It should be trivial. |
27 | | |
28 | | == If the server not a mosh and is not running a web server == |
29 | | |
30 | | Run: |
31 | | |
32 | | {{{ |
33 | | mf-certbot domain.org www.domain.org another.domain.org |
34 | | }}} |
35 | | |
36 | | == Updates == |
37 | | |
38 | | The letsecnrypt software will automatically update the certificates every 3 months |
39 | | |
40 | | == To do == |
41 | | |
42 | | Add a restart command to the post-certify hook of letsecnrypt? |
43 | | |
44 | | |
| 4 | Please see the [wiki:letsencrypt letsencrypt page]. |