This repository has been archived by the owner on Sep 7, 2022. It is now read-only.
"acme cert -webroot" option #59
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This change provides a new option -webroot to the "acme cert" subcommand, taking a directory taking a directory as argument, and mutually exclusive with -dns or -manual. If that option is used, behavior is similar to -manual, but the challenge file is directly written to the specified webroot, by appending ".well-known/acme-challenge/hjxyhksjhdf" to that given directory, and writing the file there. By default the file mode will be read/write only for the owner. The optional "-webroot-mode 0640" argument, taking the usual unix integer file mode as value, can be used to change that to the specified mode. The given webroot directory, including subdirectory ".well-known" and "acme-challenge" in there, must already exist (and of course be writable to the user running the acme client). No directory is created automatically, to avoid accidentally throwing stuff into unintended destinations. Finally, different from -manual, the challenge file is automatically _removed_ after the challenge has been completed - whether that succeeded or failed.
|
Oh man, I've been missing on all your PRs somehow. My bad, sorry. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This change provides a new option -webroot to the "acme cert"
subcommand, taking a directory taking a directory as argument,
and mutually exclusive with -dns or -manual.
If that option is used, behavior is similar to -manual, but the
challenge file is directly written to the specified webroot, by
appending ".well-known/acme-challenge/hjxyhksjhdf" to that given
directory, and writing the file there.
By default the file mode will be read/write only for the owner. The
optional "-webroot-mode 0640" argument, taking the usual unix integer
file mode as value, can be used to change that to the specified mode.
The given webroot directory, including subdirectory ".well-known"
and "acme-challenge" in there, must already exist (and of course be
writable to the user running the acme client). No directory is created
automatically, to avoid accidentally throwing stuff into unintended
destinations.
Finally, different from -manual, the challenge file is automatically
removed after the challenge has been completed - whether that
succeeded or failed.