diff --git a/cmd/flags.go b/cmd/flags.go index d57173eb..8413426f 100644 --- a/cmd/flags.go +++ b/cmd/flags.go @@ -64,48 +64,48 @@ func CreateFlags(defaultPath string) []cli.Flag { }, &cli.BoolFlag{ Name: "http", - Usage: "Use the HTTP challenge to solve challenges. Can be mixed with other types of challenges.", + Usage: "Use the HTTP-01 challenge to solve challenges. Can be mixed with other types of challenges.", }, &cli.StringFlag{ Name: "http.port", - Usage: "Set the port and interface to use for HTTP based challenges to listen on.Supported: interface:port or :port.", + Usage: "Set the port and interface to use for HTTP-01 based challenges to listen on. Supported: interface:port or :port.", Value: ":80", }, &cli.StringFlag{ Name: "http.proxy-header", - Usage: "Validate against this HTTP header when solving HTTP based challenges behind a reverse proxy.", + Usage: "Validate against this HTTP header when solving HTTP-01 based challenges behind a reverse proxy.", Value: "Host", }, &cli.StringFlag{ Name: "http.webroot", - Usage: "Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge." + + Usage: "Set the webroot folder to use for HTTP-01 based challenges to write directly to the .well-known/acme-challenge file." + " This disables the built-in server and expects the given directory to be publicly served with access to .well-known/acme-challenge", }, &cli.StringSliceFlag{ Name: "http.memcached-host", - Usage: "Set the memcached host(s) to use for HTTP based challenges. Challenges will be written to all specified hosts.", + Usage: "Set the memcached host(s) to use for HTTP-01 based challenges. Challenges will be written to all specified hosts.", }, &cli.BoolFlag{ Name: "tls", - Usage: "Use the TLS challenge to solve challenges. Can be mixed with other types of challenges.", + Usage: "Use the TLS-ALPN-01 challenge to solve challenges. Can be mixed with other types of challenges.", }, &cli.StringFlag{ Name: "tls.port", - Usage: "Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port.", + Usage: "Set the port and interface to use for TLS-ALPN-01 based challenges to listen on. Supported: interface:port or :port.", Value: ":443", }, &cli.StringFlag{ Name: "dns", - Usage: "Solve a DNS challenge using the specified provider. Can be mixed with other types of challenges. Run 'lego dnshelp' for help on usage.", + Usage: "Solve a DNS-01 challenge using the specified provider. Can be mixed with other types of challenges. Run 'lego dnshelp' for help on usage.", }, &cli.BoolFlag{ Name: "dns.disable-cp", - Usage: "By setting this flag to true, disables the need to wait the propagation of the TXT record to all authoritative name servers.", + Usage: "By setting this flag to true, disables the need to await propagation of the TXT record to all authoritative name servers.", }, &cli.StringSliceFlag{ Name: "dns.resolvers", Usage: "Set the resolvers to use for performing (recursive) CNAME resolving and apex domain determination." + - " For DNS challenge verification, the authoritative DNS server is queried directly." + + " For DNS-01 challenge verification, the authoritative DNS server is queried directly." + " Supported: host:port." + " The default is to use the system resolvers, or Google's DNS resolvers if the system's cannot be determined.", }, @@ -115,7 +115,7 @@ func CreateFlags(defaultPath string) []cli.Flag { }, &cli.IntFlag{ Name: "dns-timeout", - Usage: "Set the DNS timeout value to a specific value in seconds. Used only when performing authoritative name servers queries.", + Usage: "Set the DNS timeout value to a specific value in seconds. Used only when performing authoritative name server queries.", Value: 10, }, &cli.BoolFlag{ diff --git a/docs/data/zz_cli_help.toml b/docs/data/zz_cli_help.toml index d92b7cdc..70deb542 100644 --- a/docs/data/zz_cli_help.toml +++ b/docs/data/zz_cli_help.toml @@ -22,22 +22,22 @@ GLOBAL OPTIONS: --accept-tos, -a By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service. (default: false) --cert.timeout value Set the certificate timeout value to a specific value in seconds. Only used when obtaining certificates. (default: 30) --csr value, -c value Certificate signing request filename, if an external CSR is to be used. - --dns value Solve a DNS challenge using the specified provider. Can be mixed with other types of challenges. Run 'lego dnshelp' for help on usage. - --dns-timeout value Set the DNS timeout value to a specific value in seconds. Used only when performing authoritative name servers queries. (default: 10) - --dns.disable-cp By setting this flag to true, disables the need to wait the propagation of the TXT record to all authoritative name servers. (default: false) - --dns.resolvers value [ --dns.resolvers value ] Set the resolvers to use for performing (recursive) CNAME resolving and apex domain determination. For DNS challenge verification, the authoritative DNS server is queried directly. Supported: host:port. The default is to use the system resolvers, or Google's DNS resolvers if the system's cannot be determined. + --dns value Solve a DNS-01 challenge using the specified provider. Can be mixed with other types of challenges. Run 'lego dnshelp' for help on usage. + --dns-timeout value Set the DNS timeout value to a specific value in seconds. Used only when performing authoritative name server queries. (default: 10) + --dns.disable-cp By setting this flag to true, disables the need to await propagation of the TXT record to all authoritative name servers. (default: false) + --dns.resolvers value [ --dns.resolvers value ] Set the resolvers to use for performing (recursive) CNAME resolving and apex domain determination. For DNS-01 challenge verification, the authoritative DNS server is queried directly. Supported: host:port. The default is to use the system resolvers, or Google's DNS resolvers if the system's cannot be determined. --domains value, -d value [ --domains value, -d value ] Add a domain to the process. Can be specified multiple times. --eab Use External Account Binding for account registration. Requires --kid and --hmac. (default: false) --email value, -m value Email used for registration and recovery contact. --filename value (deprecated) Filename of the generated certificate. --help, -h show help (default: false) --hmac value MAC key from External CA. Should be in Base64 URL Encoding without padding format. Used for External Account Binding. - --http Use the HTTP challenge to solve challenges. Can be mixed with other types of challenges. (default: false) + --http Use the HTTP-01 challenge to solve challenges. Can be mixed with other types of challenges. (default: false) --http-timeout value Set the HTTP timeout value to a specific value in seconds. (default: 0) - --http.memcached-host value [ --http.memcached-host value ] Set the memcached host(s) to use for HTTP based challenges. Challenges will be written to all specified hosts. - --http.port value Set the port and interface to use for HTTP based challenges to listen on.Supported: interface:port or :port. (default: ":80") - --http.proxy-header value Validate against this HTTP header when solving HTTP based challenges behind a reverse proxy. (default: "Host") - --http.webroot value Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge. This disables the built-in server and expects the given directory to be publicly served with access to .well-known/acme-challenge + --http.memcached-host value [ --http.memcached-host value ] Set the memcached host(s) to use for HTTP-01 based challenges. Challenges will be written to all specified hosts. + --http.port value Set the port and interface to use for HTTP-01 based challenges to listen on. Supported: interface:port or :port. (default: ":80") + --http.proxy-header value Validate against this HTTP header when solving HTTP-01 based challenges behind a reverse proxy. (default: "Host") + --http.webroot value Set the webroot folder to use for HTTP-01 based challenges to write directly to the .well-known/acme-challenge file. This disables the built-in server and expects the given directory to be publicly served with access to .well-known/acme-challenge --key-type value, -k value Key type to use for private keys. Supported: rsa2048, rsa3072, rsa4096, rsa8192, ec256, ec384. (default: "ec256") --kid value Key identifier from External CA. Used for External Account Binding. --path value Directory to use for storing the data. (default: "./.lego") [$LEGO_PATH] @@ -45,8 +45,8 @@ GLOBAL OPTIONS: --pfx Generate an additional .pfx (PKCS#12) file by concatenating the .key and .crt and issuer .crt files together. (default: false) --pfx.pass value The password used to encrypt the .pfx (PCKS#12) file. (default: "changeit") --server value, -s value CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client. (default: "https://acme-v02.api.letsencrypt.org/directory") - --tls Use the TLS challenge to solve challenges. Can be mixed with other types of challenges. (default: false) - --tls.port value Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port. (default: ":443") + --tls Use the TLS-ALPN-01 challenge to solve challenges. Can be mixed with other types of challenges. (default: false) + --tls.port value Set the port and interface to use for TLS-ALPN-01 based challenges to listen on. Supported: interface:port or :port. (default: ":443") --user-agent value Add to the user-agent sent to the CA to identify an application embedding lego-cli """