From 8531f1aebd5b7ba2c75f1f2294a0cd03d9d05576 Mon Sep 17 00:00:00 2001 From: Tim Sogard Date: Wed, 9 May 2018 22:28:09 -0400 Subject: [PATCH] Formatting --- letsencrypt/README.md | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/letsencrypt/README.md b/letsencrypt/README.md index a9333b5..40c55ad 100644 --- a/letsencrypt/README.md +++ b/letsencrypt/README.md @@ -17,18 +17,16 @@ Assumptions: To update the certificate modify the list of domain arguments (`-d foo.com`) below and use the following process: -1. Acquire the current list of domains the certificate is responsible for: +1. Acquire the list of domains the **current certificate** is responsible for formatted as arguments to `certbot`: ``` openssl x509 -in /etc/haproxy/certs/git.services.wit.com.pem -noout -text \ | grep DNS: \ | sed -e 's/^\s*//' -e 's/DNS:/ -d /g' -e 's/, / \\\n/g' ``` -(this command spits out a list delimeted by ` -d` as these will be passed as arguments to `certbot` +2. Visually inspect the list to ensure the list looks correct. Ensure that the original certs common name is covered. -2. Visually inspect the list to ensure the list looks correct. (Consider comparing to the certificate for an existing *.services.wit.com) - -3. Run certbot, naming the **git.services.wit.com** cert as the one to be updated, and providing the **entire list of domains the cert should be valid for** +3. Run certbot, naming the **git.services.wit.com** cert as the one to be updated, and providing the **full list of domains the cert covers** ``` certbot certonly \ @@ -42,7 +40,7 @@ certbot certonly \ --preferred-challenges http ``` - At this point you should see certbot making a number of challenges (doing domain ownership verification), and then a "**Congratulations!**" message telling you the certs have been updated. +At this point you should see certbot making a number of challenges (domain ownership verifications), and then a "**Congratulations!**" message telling you the certs have been updated. 4. Backup the current certificate: