Typo
This commit is contained in:
parent
4907579b2d
commit
a7c0ecf959
|
@ -74,8 +74,8 @@ It should return the (public) IP address of your server.
|
|||
!!! warning
|
||||
|
||||
`certbot` program offers argument `--apache` and `--nginx` to modify
|
||||
Apache/Nginx config files directly, they mess up iRedMail
|
||||
configurations, please do not use these 2 arguments.
|
||||
Apache/Nginx config files directly, they will mess up config files
|
||||
generated by iRedMail, please do __NOT__ use them.
|
||||
|
||||
* Let's Encrypt has request rate limit control, you can request limited times
|
||||
for same domain in one day, but the verification process doesn't have such
|
||||
|
@ -86,6 +86,12 @@ It should return the (public) IP address of your server.
|
|||
`--dry-run` argument. It will print some text on console to ask you few
|
||||
simple questions, please read carefully and answer them.
|
||||
|
||||
!!! warning
|
||||
|
||||
If your iRedMail server was deployed with [iRedMail Easy
|
||||
platform](https://www.iredmail.og/easy.html), please use
|
||||
`-w /opt/www/well_known` instead.
|
||||
|
||||
```
|
||||
certbot certonly --webroot --dry-run -w /var/www/html -d mail.mydomain.com
|
||||
```
|
||||
|
@ -119,7 +125,7 @@ What's happening after you typed this command? you may ask.
|
|||
|
||||
We assume the web document root directory for web host name
|
||||
`mail.mydomain.com` is `/var/www/html` (this is default path configured
|
||||
by iRedMail). In new iRedMail releases, the path `/.well-known/` is
|
||||
by iRedMail downloadable installer). In new iRedMail releases, the path `/.well-known/` is
|
||||
defined in Nginx config file `/etc/nginx/templates/misc.tmpl`, if you
|
||||
have hard-coded directory for it with Nginx directive `root
|
||||
/path/to/somewhere;`, you need to replace `/var/www/html` by
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
</ul>
|
||||
</li>
|
||||
<li><a href="#request-a-free-cert-from-lets-encrypt_1">Request a free cert from Let's Encrypt</a></li>
|
||||
<li><a href="#renew-the-cert">Renew the cert</a></li>
|
||||
<li><a href="#renew-the-cert-automatically">Renew the cert automatically</a></li>
|
||||
<li><a href="#use-lets-encrypt-cert">Use Let's Encrypt cert</a><ul>
|
||||
<li><a href="#create-symbol-links">Create symbol links</a></li>
|
||||
<li><a href="#restart-network-services">Restart network services</a></li>
|
||||
|
@ -34,7 +34,7 @@
|
|||
</li>
|
||||
<li><a href="#verify-the-cert">Verify the cert</a></li>
|
||||
<li><a href="#faq">FAQ</a><ul>
|
||||
<li><a href="#renew-the-cert_1">Renew the cert</a></li>
|
||||
<li><a href="#renew-the-cert">Renew the cert</a></li>
|
||||
<li><a href="#how-to-check-cert-status">How to check cert status</a></li>
|
||||
<li><a href="#how-to-request-one-cert-with-multiple-host-names">How to request one cert with multiple host names</a></li>
|
||||
</ul>
|
||||
|
@ -114,8 +114,8 @@ later.</p>
|
|||
<div class="admonition warning">
|
||||
<p class="admonition-title">Warning</p>
|
||||
<p><code>certbot</code> program offers argument <code>--apache</code> and <code>--nginx</code> to modify
|
||||
Apache/Nginx config files directly, they mess up iRedMail
|
||||
configurations, please do not use these 2 arguments.</p>
|
||||
Apache/Nginx config files directly, they will mess up config files
|
||||
generated by iRedMail, please do <strong>NOT</strong> use them.</p>
|
||||
</div>
|
||||
</li>
|
||||
<li>
|
||||
|
@ -126,6 +126,12 @@ configurations, please do not use these 2 arguments.</p>
|
|||
<p>Run command below as root user to verify the request process with
|
||||
<code>--dry-run</code> argument. It will print some text on console to ask you few
|
||||
simple questions, please read carefully and answer them.</p>
|
||||
<div class="admonition warning">
|
||||
<p class="admonition-title">Warning</p>
|
||||
<p>If your iRedMail server was deployed with <a href="https://www.iredmail.og/easy.html">iRedMail Easy
|
||||
platform</a>, please use
|
||||
<code>-w /opt/www/well_known</code> instead.</p>
|
||||
</div>
|
||||
</li>
|
||||
</ul>
|
||||
<pre><code>certbot certonly --webroot --dry-run -w /var/www/html -d mail.mydomain.com
|
||||
|
@ -160,7 +166,7 @@ works</a>.</p>
|
|||
<p class="admonition-title">Warning</p>
|
||||
<p>We assume the web document root directory for web host name
|
||||
<code>mail.mydomain.com</code> is <code>/var/www/html</code> (this is default path configured
|
||||
by iRedMail). In new iRedMail releases, the path <code>/.well-known/</code> is
|
||||
by iRedMail downloadable installer). In new iRedMail releases, the path <code>/.well-known/</code> is
|
||||
defined in Nginx config file <code>/etc/nginx/templates/misc.tmpl</code>, if you
|
||||
have hard-coded directory for it with Nginx directive <code>root
|
||||
/path/to/somewhere;</code>, you need to replace <code>/var/www/html</code> by
|
||||
|
@ -199,7 +205,7 @@ It's necessary to set the permission to 0644 for other applications to access th
|
|||
<pre><code>chmod 0644 /etc/letsencrypt/{live,archive}
|
||||
</code></pre>
|
||||
|
||||
<h2 id="renew-the-cert">Renew the cert</h2>
|
||||
<h2 id="renew-the-cert-automatically">Renew the cert automatically</h2>
|
||||
<p>You can setup a daily cron job to run command <code>certbot renew</code> to renew all
|
||||
existing ssl certs which will expire in less than 30 days. We need its
|
||||
<code>--post-hook</code> argument to restart network services to load renewed ssl certs.</p>
|
||||
|
@ -268,7 +274,7 @@ restart:</p>
|
|||
submit and wait for a result).</li>
|
||||
</ul>
|
||||
<h2 id="faq">FAQ</h2>
|
||||
<h3 id="renew-the-cert_1">Renew the cert</h3>
|
||||
<h3 id="renew-the-cert">Renew the cert</h3>
|
||||
<p>Let's Encrypt cert will expire in 90 days, you must renew it before expired.
|
||||
After renewed, don't forget to restart Postfix/Dovecot/Nginx/Apache to load the
|
||||
new cert files.</p>
|
||||
|
|
Loading…
Reference in New Issue