upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-06-06 07:12:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Deprecated standalone-preferred-challenges

Browse source
This commit is contained in:
Osiris Inferi 2017-02-27 20:39:42 +01:00
parent 7d02e129f9
commit bb35126a2c
No known key found for this signature in database
GPG key ID: 590297AD5FAE2134
1 changed files with 22 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
docs/using.rst
View file

@ -151,14 +151,17 @@ order to perform domain validation, so you may need to stop your
existing webserver. To control which port the plugin uses, include
one of the options shown below on the command line.
* ``--standalone-supported-challenges http-01`` to use port 80
* ``--standalone-supported-challenges tls-sni-01`` to use port 443
* ``--preferred-challenges http`` to use port 80
* ``--preferred-challenges tls-sni`` to use port 443
The standalone plugin does not rely on any other server software running
on the machine where you obtain the certificate. It must still be possible
for that machine to accept inbound connections from the Internet on the
specified port using each requested domain name.
.. note:: The ``--standalone-supported-challenges`` option has been
deprecated since ``certbot`` version 0.9.0.
Manual
------
@ -170,6 +173,23 @@ the UI, you can use the plugin to obtain a cert by specifying
to copy and paste commands into another terminal session, which may
be on a different computer.
The manual plugin can use either the ``http`` or the ``dns`` challenge. You
can use the ``--preferred-challenges`` option to chose the challenge of your
preference.
The ``http`` challenge will ask you to place a file with a specific name and
specific content in the ``/.well-known/acme-challenge/`` directory directly
in the top-level directory (“web root”) containing the files served by your
webserver. In essence it's the same as the webroot_ plugin, but not automated.
When using the ``dns`` plugin, ``certbot`` will ask you to place a TXT DNS
record with specific contents under the domain name consisting of the hostname
for which you want a certificate issued, prepended by ``_acme-challenge``.
For example, for the domain ``example.com``, a zone file entry would look like:
::
_acme-challenge.example.com. 300 IN TXT "gfj9Xq...Rg85nM"
Additionally you can specify scripts to prepare for validation and perform the
authentication procedure and/or clean up after it by using the
``--manual-auth-hook`` and ``--manual-cleanup-hook`` flags. This is described in