opennic:tls

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Last revision Both sides next revision
opennic:tls [2020-06-03T08:42:45Z]
deep42thought [Planned deployment] 		opennic:tls [2021-03-01T08:55:14Z]
deep42thought [How to get started] new
Line 10: Line 10:
   * The acme server runs experimental software. If you have any problems getting a certificate, feel free to contact [[opennic@eckner.net|Erich Eckner]]   * The acme server runs experimental software. If you have any problems getting a certificate, feel free to contact [[opennic@eckner.net|Erich Eckner]]
  
 +===== How to get started =====
 +
 +The acme server runs on a domain which must be validated by the same root certificate which is used for other opennic domains.
 +Thus, one must download the root certificate (and ignore the certificate error on the https connection) and install it as a trusted root certificate.
 +<code>
 +curl --insecure -o /usr/share/ca-certificates/trust-source/anchors/opennic_root_ca.crt https://playground.acme.libre/opennic_root_ca.crt
 +trust extract-compat
 +</code>
 +Check, that the certificate was installed correctly:
 +<code>
 +curl https://playground.acme.libre/
 +</code>
 +Then, certbot can query new certificates from the acme server.
 +<code>
 +certbot --server https://playground.acme.libre
 +</code>
 ===== Planned deployment ===== ===== Planned deployment =====
  
  • /wiki/data/pages/opennic/tls.txt
  • Last modified: 6 weeks ago
  • by deep42thought