doc: apache: add example configuration for mod_md

diff --git a/doc/md/Server-configuration.md b/doc/md/Server-configuration.md
index d32cc786cd852467ce83ee8087ded450e5a0ca03..73e23886909cbbfdd45de4172f5bb7644036e7ba 100644 (file)
--- a/doc/md/Server-configuration.md
+++ b/doc/md/Server-configuration.md
@@ -128,20 +128,22 @@ sudo nano /etc/apache2/sites-available/shaarli.mydomain.org.conf
     ServerName shaarli.mydomain.org
     DocumentRoot /var/www/shaarli.mydomain.org/
 
-    # Redirect HTTP requests to HTTPS
+    # Redirect HTTP requests to HTTPS, except Let's Encrypt ACME challenge requests
     RewriteEngine on
     RewriteRule ^.well-known/acme-challenge/ - [L]
-    # except for Let's Encrypt ACME challenge requests
     RewriteCond %{HTTP_HOST} =shaarli.mydomain.org
     RewriteRule  ^ https://shaarli.mydomain.org%{REQUEST_URI} [END,NE,R=permanent]
+    # If you are using mod_md, use this instead
+    #MDCertificateAgreement accepted
+    #MDContactEmail admin@shaarli.mydomain.org
+    #MDPrivateKeys RSA 4096
 </VirtualHost>
 
 <VirtualHost *:443>
     ServerName   shaarli.mydomain.org
     DocumentRoot /var/www/shaarli.mydomain.org/
 
-    # SSL/TLS configuration (for Let's Encrypt certificates)
-    # If certificates were acquired from certbot standalone
+    # SSL/TLS configuration for Let's Encrypt certificates acquired with certbot standalone
     SSLEngine             on
     SSLCertificateFile    /etc/letsencrypt/live/shaarli.mydomain.org/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/shaarli.mydomain.org/privkey.pem
@@ -152,6 +154,9 @@ sudo nano /etc/apache2/sites-available/shaarli.mydomain.org.conf
     SSLSessionTickets       off
     SSLOptions +StrictRequire
 
+    # SSL/TLS configuration for Let's Encrypt certificates acquired with mod_md
+    #MDomain shaarli.mydomain.org
+
     # SSL/TLS configuration (for self-signed certificates)
     #SSLEngine             on
     #SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem