opennic:tls

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revisionBoth sides next revision
opennic:tls [2020-06-03T08:42:45Z] – [Planned deployment] deep42thoughtopennic:tls [2021-03-01T08:55:14Z] – [How to get started] new deep42thought
Line 10: Line 10:
   * The acme server runs experimental software. If you have any problems getting a certificate, feel free to contact [[opennic@eckner.net|Erich Eckner]]   * The acme server runs experimental software. If you have any problems getting a certificate, feel free to contact [[opennic@eckner.net|Erich Eckner]]
  
 +===== How to get started =====
 +
 +The acme server runs on a domain which must be validated by the same root certificate which is used for other opennic domains.
 +Thus, one must download the root certificate (and ignore the certificate error on the https connection) and install it as a trusted root certificate.
 +<code>
 +curl --insecure -o /usr/share/ca-certificates/trust-source/anchors/opennic_root_ca.crt https://playground.acme.libre/opennic_root_ca.crt
 +trust extract-compat
 +</code>
 +Check, that the certificate was installed correctly:
 +<code>
 +curl https://playground.acme.libre/
 +</code>
 +Then, certbot can query new certificates from the acme server.
 +<code>
 +certbot --server https://playground.acme.libre
 +</code>
 ===== Planned deployment ===== ===== Planned deployment =====
  
  • /wiki/data/pages/opennic/tls.txt
  • Last modified: 3 years ago
  • by marek