aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authornodiscc <nodiscc@gmail.com>2020-08-15 19:37:24 +0200
committernodiscc <nodiscc@gmail.com>2020-09-12 14:31:45 +0200
commite0fe33f90ba0bfedc50ba79982833e10c7e6c4a4 (patch)
tree90b18096de8336b7583a0db597e0d781a52958c2
parentb6c9a2db30e6d9173d163b30a38ad64aa95f6658 (diff)
downloadShaarli-e0fe33f90ba0bfedc50ba79982833e10c7e6c4a4.tar.gz
Shaarli-e0fe33f90ba0bfedc50ba79982833e10c7e6c4a4.tar.zst
Shaarli-e0fe33f90ba0bfedc50ba79982833e10c7e6c4a4.zip
doc: server configuration: add note on required firewall/NAT for Let's Encrypt certificates
-rw-r--r--doc/md/Server-configuration.md3
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/md/Server-configuration.md b/doc/md/Server-configuration.md
index 3c207acc..f14be7f3 100644
--- a/doc/md/Server-configuration.md
+++ b/doc/md/Server-configuration.md
@@ -77,7 +77,8 @@ sudo apt install certbot
77sudo systemctl stop apache2 77sudo systemctl stop apache2
78sudo systemctl stop nginx 78sudo systemctl stop nginx
79 79
80# generate initial certificates - Let's Encrypt ACME servers must be able to access your server! 80# generate initial certificates
81# Let's Encrypt ACME servers must be able to access your server! port forwarding and firewall must be properly configured
81sudo certbot certonly --standalone --noninteractive --agree-tos --email "admin@shaarli.mydomain.org" -d shaarli.mydomain.org 82sudo certbot certonly --standalone --noninteractive --agree-tos --email "admin@shaarli.mydomain.org" -d shaarli.mydomain.org
82# this will generate a private key and certificate at /etc/letsencrypt/live/shaarli.mydomain.org/{privkey,fullchain}.pem 83# this will generate a private key and certificate at /etc/letsencrypt/live/shaarli.mydomain.org/{privkey,fullchain}.pem
83 84