3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-18 03:27:16 +02:00
Code Issues Projects Releases Packages Wiki Activity

docs: add certificate section (#96)

Browse source 
Closes #88
This commit is contained in:
Bobby DeSimone 2019-04-27 20:21:43 -07:00 committed by GitHub
parent 857b9e5773
commit ce7a8b1f2d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
18 changed files with 217 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

22
scripts/generate_wildcard_cert.sh
View file

@ -1,10 +1,24 @@
#!/bin/bash
# requires acme.sh see : https://github.com/Neilpang/acme.sh
# curl https://get.acme.sh | sh
echo "=> manually issue a wildcard certificate, renewal is up to you!"
# acme.sh : https://github.com/Neilpang/acme.sh
# curl https://get.acme.sh | sh
# NOTA BENE:
# if you use a DNS service that supports API access, you may be able to automate
# this process. See https://github.com/Neilpang/acme.sh/wiki/dnsapi
echo "=> first generate a certificate signing request!"
$HOME/.acme.sh/acme.sh \
--issue \
-k ec-256 \
-d '*.corp.beyondperimeter.com' \
-d '*.corp.example.com' \
--dns \
--yes-I-know-dns-manual-mode-enough-go-ahead-please
read -p "press anykey once you've updated your TXT entries"
$HOME/.acme.sh/acme.sh \
--renew \
--ecc \
-k ec-256 \
-d '*.corp.example.com' \
--dns \
--yes-I-know-dns-manual-mode-enough-go-ahead-please