TrueCloudLab/lego
15
0
Fork 4
Code Issues 1 Pull requests 2 Projects Releases Packages Wiki Activity

feat: support custom duration for certificate (#1925)

Browse source
This commit is contained in:
Ludovic Fernandez 2023-05-28 16:45:48 +02:00 committed by GitHub
parent 8bf0cee70e
commit c341e6a381
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 268 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

4
docs/data/zz_cli_help.toml
View file

@ -63,6 +63,8 @@ OPTIONS:
--always-deactivate-authorizations value Force the authorizations to be relinquished even if the certificate request was successful.
--must-staple Include the OCSP must staple TLS extension in the CSR and generated certificate. Only works if the CSR is generated by lego. (default: false)
--no-bundle Do not create a certificate bundle by adding the issuers certificate to the new certificate. (default: false)
--not-after value Set the notAfter field in the certificate
--not-before value Set the notBefore field in the certificate
--preferred-chain value If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common Name. If no match, the default offered chain will be used.
--run-hook value Define a hook. The hook is executed when the certificates are effectively created.
"""
@ -85,6 +87,8 @@ OPTIONS:
--must-staple Include the OCSP must staple TLS extension in the CSR and generated certificate. Only works if the CSR is generated by lego. (default: false)
--no-bundle Do not create a certificate bundle by adding the issuers certificate to the new certificate. (default: false)
--no-random-sleep Do not add a random sleep before the renewal. We do not recommend using this flag if you are doing your renewals in an automated way. (default: false)
--not-after value Set the notAfter field in the certificate
--not-before value Set the notBefore field in the certificate
--preferred-chain value If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common Name. If no match, the default offered chain will be used.
--renew-hook value Define a hook. The hook is executed only when the certificates are effectively renewed.
--reuse-key Used to indicate you want to reuse your current private key for the new certificate. (default: false)