Formatting

letsencrypt/README.md

@@ -17,18 +17,16 @@ Assumptions:
 
 To update the certificate modify the list of domain arguments (`-d foo.com`) below and use the following process:
 
-1. Acquire the current list of domains the certificate is responsible for:
+1. Acquire the list of domains the **current certificate** is responsible for formatted as arguments to `certbot`:
 ```
 openssl x509 -in /etc/haproxy/certs/git.services.wit.com.pem -noout -text \
     | grep DNS: \
     | sed -e 's/^\s*//' -e 's/DNS:/ -d /g' -e 's/, / \\\n/g'
 ```
 
-(this command spits out a list delimeted by ` -d` as these will be passed as arguments to `certbot`
+2. Visually inspect the list to ensure the list looks correct. Ensure that the original certs common name is covered.
 
-2. Visually inspect the list to ensure the list looks correct. (Consider comparing to the certificate for an existing *.services.wit.com)
-
-3. Run certbot, naming the **git.services.wit.com** cert as the one to be updated, and providing the **entire list of domains the cert should be valid for**
+3. Run certbot, naming the **git.services.wit.com** cert as the one to be updated, and providing the **full list of domains the cert covers**
 
 ```
 certbot certonly \
@@ -42,7 +40,7 @@ certbot certonly \
 	--preferred-challenges http
 ```
 
-    At this point you should see certbot making a number of challenges (doing domain ownership verification), and then a "**Congratulations!**" message telling you the certs have been updated.
+At this point you should see certbot making a number of challenges (domain ownership verifications), and then a "**Congratulations!**" message telling you the certs have been updated.
 
 
 4. Backup the current certificate: