| 4 | | = How to configure x509 on any MF/PL Server = |
| 5 | | |
| 6 | | == If the machine is a mosh == |
| 7 | | |
| 8 | | Edit the server's .pp file and add the following to the "m_mosh" class declaration: |
| 9 | | |
| 10 | | {{{ |
| 11 | | x509_method => "letsencrypt" |
| 12 | | }}} |
| 13 | | |
| 14 | | == If the server is not a mosh, but is running apache == |
| 15 | | |
| 16 | | Run: |
| 17 | | |
| 18 | | {{{ |
| 19 | | mf-certbot /etc/apache2/sites-enables/SITE.CONF |
| 20 | | }}} |
| 21 | | |
| 22 | | Complete the path above pointing to the web configuration file configured to respond to the domains you want certified. |
| 23 | | |
| 24 | | == If the server is not a mosh and is running nginx == |
| 25 | | |
| 26 | | Please patch mf-certbot to work for nginx. It should be trivial. |
| 27 | | |
| 28 | | == If the server not a mosh and is not running a web server == |
| 29 | | |
| 30 | | Run: |
| 31 | | |
| 32 | | {{{ |
| 33 | | mf-certbot domain.org www.domain.org another.domain.org |
| 34 | | }}} |
| 35 | | |
| 36 | | == Updates == |
| 37 | | |
| 38 | | The letsecnrypt software will automatically update the certificates every 3 months |
| 39 | | |
| 40 | | == To do == |
| 41 | | |
| 42 | | Add a restart command to the post-certify hook of letsecnrypt? |
| 43 | | |
| 44 | | |
| | 4 | Please see the [wiki:letsencrypt letsencrypt page]. |
