On 31 December 2020 00:42:26 CET, Chris Bennett
<[email protected]> wrote:
>Hi,
>after spending several hours trying to find out what the problem was
>with getting SSL to work properly again in Apache, I finally found the
>problem.
>
>The -current and src versions are the same in /etc/examples, but
>acme-client has changed. I looked in both places to see if I missed a
>change. Turns out the man page mentioned it, but nothing in example.
>
>
>Not sure if I picked good names, but I would really like to get this
>little addition. RTFM still applies, but if there is an examples file,
>it ought to represent new changes, IMHO.
I'm not following, what new changes? Getting the chain certificate(s) out of
acme-client has been there since the beginning.
Also I suspect if you need the chains separate from the domain cert you want
the single domain cert and not the full chain domain cert.
In any case the point of this and the httpd example file is that you can put
them into place, do s/example.com/your.domain/ and be up and running.
>
>Chris Bennett
>
>Index: acme-client.conf
>===================================================================
>RCS file: /cvs/src/etc/examples/acme-client.conf,v
>retrieving revision 1.4
>diff -u -p -u -p -r1.4 acme-client.conf
>--- acme-client.conf 17 Sep 2020 09:13:06 -0000 1.4
>+++ acme-client.conf 30 Dec 2020 23:35:03 -0000
>@@ -26,6 +26,7 @@ authority buypass-test {
> domain example.com {
> alternative names { secure.example.com }
> domain key "/etc/ssl/private/example.com.key"
>+ domain chain certificate "/etc/ssl/example.com.chain.pem"
> domain full chain certificate "/etc/ssl/example.com.fullchain.pem"
> sign with letsencrypt
> }
--
Sent from a mobile device. Please excuse poor formating.
