doc: TLS certificate configuration

Fixes #891

Change-Id: I90a7d7c6df90d0296856caed57a1c7cada2c1d74
mpl 2016-12-13 16:24:02 +01:00
parent 947266f042
commit a746c8df31
1 changed files with 8 additions and 1 deletions

@ -28,12 +28,19 @@ This page documents the simple configuration mode.
your Camlistore server. Useful for when running behind a reverse proxy.
Should not end in a slash. e.g. `https://yourserver.example.com`
* `https`: if "true", HTTPS is used
* `https`: if "true", HTTPS is used.
* `httpsCert`: path to the HTTPS certificate file. This is the public file.
It should include the concatenation of any required intermediate certs as
well.
* `httpsKey`: path to the HTTPS private key file.
* If an explicit certificate and key are not provided, a certificate from
[Let's Encrypt](https://letsencrypt.org) is requested automatically if the
following conditions apply:
* A fully qualified domain name is specified in either `baseURL` or `listen`.
* Camlistore listens on port `443` in order to answer the TLS-SNI challenge
from Let's Encrypt.
* As a fallback, if no FQDN is found, a self-signed certificate is generated.
* `identity`: your GPG fingerprint. A keypair is created for new users on
start, but this may be changed if you know what you're doing.
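
Review bot: The fallback bullet ("As a fallback, if no FQDN is found, a self-signed certificate is generated.") only covers the no-FQDN case and leaves undocumented what happens when an FQDN is set but Camlistore is not listening on port `443`, so the second Let's Encrypt condition fails. Please state the behaviour for that case, and say which value is used when both `baseURL` and `listen` carry a hostname. It would also help to tell operators how to recognise that the server ended up on a self-signed certificate, since clients cannot validate that certificate against a public CA and `https` set to "true" gives no hint of which of the three certificate sources is in effect.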