From c7686fec03713c27b57176419cd030d4539c423f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Manuel=20Delicado=20Alcolea?= Date: Tue, 25 Jul 2023 17:34:12 +0200 Subject: [PATCH] Added information on how to use Letsencrypt certificates --- readme.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/readme.md b/readme.md index f54f26d..7b05171 100755 --- a/readme.md +++ b/readme.md @@ -215,6 +215,13 @@ You can test your changes in debugging mode before modifying the configuration f Note: the command line arguments override the supplied ones in the configuration file. +## Using Let's Encrypt certificates + +You can use your Let's Encrypt certificate with this server. However, the server runs by default with a non-privileged user, so it won't be able to read the required files from the default location. You can proceed in two ways: + +1. Copy privkey.pem and fullchain.pem to a readable location. Then, edit the configuration file and update the certfile and keyfile settings. You can follow this procedure also in Docker containers by copying certificate and private key to the data volume. +2. Use the provided Let's Encrypt sample hook. Edit the `NVDARemoteCertificate-letsencrypt` file, update the domain name, make it executable, and place it in `/etc/letsencrypt/renewal-hooks/post`. No extra steps are required. The certificate will be available for the server immediately after each renewal. + ## Known problems ### Installing on Mac os x El Capitan and later