[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-cvs] [261] https: Various...
From: |
bob |
Subject: |
[Savannah-cvs] [261] https: Various... |
Date: |
Sat, 15 Oct 2016 22:45:38 +0000 (UTC) |
Revision: 261
http://svn.sv.gnu.org/viewvc/?view=rev&root=administration&revision=261
Author: rwp
Date: 2016-10-15 22:45:36 +0000 (Sat, 15 Oct 2016)
Log Message:
-----------
https: Various...
Modified Paths:
--------------
trunk/sviki/https.mdwn
Modified: trunk/sviki/https.mdwn
===================================================================
--- trunk/sviki/https.mdwn 2016-10-15 22:45:29 UTC (rev 260)
+++ trunk/sviki/https.mdwn 2016-10-15 22:45:36 UTC (rev 261)
@@ -49,9 +49,9 @@
Savannah's non-root certbot installation
----------------------------------------
-Bob Proulx developed and installed a modified `certbot` recipe which
-allows `certbot-auto` to operate as a non-root user, isolated in its
-own directory. This setup is used on `frontend0`, `vcs0`, and `mgt0`.
+On Savannah we have installed a modified `certbot` recipe which allows
+`certbot-auto` to operate as a non-root user, isolated in its own
+directory. This setup is used on `frontend0`, `vcs0`, and `mgt0`.
### Web Server Configuration, Part 1
@@ -59,15 +59,15 @@
Alias /.well-known /home/certbot/www/certbot/.well-known
<Directory "/home/certbot/www/">
- AllowOverride None
- Require all granted
+ AllowOverride None
+ Require all granted
</Directory>
If using Nginx, use the following: (frontend0 does not yet use Nginx
however mgt0 and vcs0 do.)
location /.well-known {
- root /home/certbot/www/ ;
+ root /home/certbot/www/ ;
}
Reload Apache or Nginx.
@@ -234,11 +234,11 @@
ssl_certificate
/home/certbot/etc/live/frontend0.savannah.gnu.org/fullchain.pem;
ssl_certificate_key
/home/certbot/etc/live/frontend0.savannah.gnu.org/privkey.pem;
ssl_dhparam /etc/ssl/dhparam.pem;
- ssl_prefer_server_ciphers On;
- ssl_ciphers ... use current accepted values
- ssl_protocols ... use current accepted values
- ssl_session_cache shared:SSL:10m;
- ssl_session_timeout 10m;
+ ssl_prefer_server_ciphers On;
+ ssl_ciphers ... use current accepted values
+ ssl_protocols ... use current accepted values
+ ssl_session_cache shared:SSL:10m;
+ ssl_session_timeout 10m;
include ssl_params.local;
# Many more SSL-specific configuration
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-cvs] [261] https: Various...,
bob <=