adapted readme

This commit is contained in:
Gianluca 2016-03-30 10:12:15 +02:00
parent 58386e2d80
commit e0a1dd6e9e

View file

@ -66,36 +66,50 @@ This traffic redirection is only needed as long as lego solves challenges. As so
#### Usage #### Usage
``` ```
NAME: Let's Encrypt client written in Go
lego - Let's Encrypt client written in Go
USAGE: Usage:
lego [global options] command [command options] [arguments...] lego [command]
VERSION: Available Commands:
0.3.0 dnshelp Shows additional help for the --dns global option
renew Renew a certificate
revoke Revoke a certificate
run Register an account, then create and install a certificate
version Prints current version of lego
COMMANDS: Flags:
run Register an account, then create and install a certificate -a, --accept-tos By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service.
revoke Revoke a certificate --dns string Solve a DNS challenge using the specified provider. Disables all other challenges. Run 'lego dnshelp' for help on usage.
renew Renew a certificate -d, --domains value Add domains to the process (default [])
dnshelp Shows additional help for the --dns global option -m, --email string Email used for registration and recovery contact.
help, h Shows a list of commands or help for one command -x, --exclude value Explicitly disallow solvers by name from being used. Solvers: "http-01", "tls-sni-01". (default [])
-h, --help help for lego
--http string Set the port and interface to use for HTTP based challenges to listen on. Supported: interface:port or :port
-k, --key-type string Key type to use for private keys. Supported: rsa2048, rsa4096, rsa8192, ec256, ec384 (default "rsa2048")
--path string Directory to use for storing the data (default "/Users/gianluca/ProgrammingProjects/go/src/github.com/xenolf/lego/.lego")
-s, --server string CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client. (default "https://acme-v01.api.letsencrypt.org/directory")
--tls string Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port
--webroot string Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge
GLOBAL OPTIONS: Use "lego [command] --help" for more information about a command.
--domains, -d [--domains option --domains option] Add domains to the process ```
--server, -s "https://acme-v01.api.letsencrypt.org/directory" CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client.
--email, -m Email used for registration and recovery contact. For further help on a command:
--accept-tos, -a By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service. ```
--key-type, -k "rsa2048" Key type to use for private keys. Supported: rsa2048, rsa4096, rsa8192, ec256, ec384
--path "${CWD}/.lego" Directory to use for storing the data $ lego renew --help
--exclude, -x [--exclude option --exclude option] Explicitly disallow solvers by name from being used. Solvers: "http-01", "tls-sni-01". Renew a certificate
--webroot Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge
--http Set the port and interface to use for HTTP based challenges to listen on. Supported: interface:port or :port Usage:
--tls Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port lego renew [flags]
--dns Solve a DNS challenge using the specified provider. Disables all other challenges. Run 'lego dnshelp' for help on usage.
--help, -h show help Flags:
--version, -v print the version --days int The number of days left on a certificate to renew it.
--no-bundle Do not create a certificate bundle by adding the issuers certificate to the new certificate.
--resuse-key Used to indicate you want to reuse your current private key for the new certificate.
...
``` ```
##### CLI Example ##### CLI Example
@ -106,7 +120,7 @@ If your environment does not allow you to bind to these ports, please read [Port
Obtain a certificate: Obtain a certificate:
```bash ```bash
$ lego --email="foo@bar.com" --domains="example.com" run $ lego run --email="foo@bar.com" --domains="example.com"
``` ```
(Find your certificate in the `.lego` folder of current working directory.) (Find your certificate in the `.lego` folder of current working directory.)
@ -114,13 +128,13 @@ $ lego --email="foo@bar.com" --domains="example.com" run
To renew the certificate: To renew the certificate:
```bash ```bash
$ lego --email="foo@bar.com" --domains="example.com" renew $ lego renew --email="foo@bar.com" --domains="example.com"
``` ```
Obtain a certificate using the DNS challenge and AWS Route 53: Obtain a certificate using the DNS challenge and AWS Route 53:
```bash ```bash
$ AWS_REGION=us-east-1 AWS_ACCESS_KEY_ID=my_id AWS_SECRET_ACCESS_KEY=my_key lego --email="foo@bar.com" --domains="example.com" --dns="route53" run $ AWS_REGION=us-east-1 AWS_ACCESS_KEY_ID=my_id AWS_SECRET_ACCESS_KEY=my_key lego run --email="foo@bar.com" --domains="example.com" --dns="route53"
``` ```
Note that `--dns=foo` implies `--exclude=http-01` and `--exclude=tls-sni-01`. lego will not attempt other challenges if you've told it to use DNS instead. Note that `--dns=foo` implies `--exclude=http-01` and `--exclude=tls-sni-01`. lego will not attempt other challenges if you've told it to use DNS instead.