forked from TrueCloudLab/lego
adapted readme
This commit is contained in:
parent
58386e2d80
commit
e0a1dd6e9e
1 changed files with 49 additions and 35 deletions
72
README.md
72
README.md
|
@ -66,36 +66,50 @@ This traffic redirection is only needed as long as lego solves challenges. As so
|
||||||
#### Usage
|
#### Usage
|
||||||
|
|
||||||
```
|
```
|
||||||
NAME:
|
Let's Encrypt client written in Go
|
||||||
lego - Let's Encrypt client written in Go
|
|
||||||
|
|
||||||
USAGE:
|
Usage:
|
||||||
lego [global options] command [command options] [arguments...]
|
lego [command]
|
||||||
|
|
||||||
VERSION:
|
Available Commands:
|
||||||
0.3.0
|
dnshelp Shows additional help for the --dns global option
|
||||||
|
renew Renew a certificate
|
||||||
|
revoke Revoke a certificate
|
||||||
|
run Register an account, then create and install a certificate
|
||||||
|
version Prints current version of lego
|
||||||
|
|
||||||
COMMANDS:
|
Flags:
|
||||||
run Register an account, then create and install a certificate
|
-a, --accept-tos By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service.
|
||||||
revoke Revoke a certificate
|
--dns string Solve a DNS challenge using the specified provider. Disables all other challenges. Run 'lego dnshelp' for help on usage.
|
||||||
renew Renew a certificate
|
-d, --domains value Add domains to the process (default [])
|
||||||
dnshelp Shows additional help for the --dns global option
|
-m, --email string Email used for registration and recovery contact.
|
||||||
help, h Shows a list of commands or help for one command
|
-x, --exclude value Explicitly disallow solvers by name from being used. Solvers: "http-01", "tls-sni-01". (default [])
|
||||||
|
-h, --help help for lego
|
||||||
|
--http string Set the port and interface to use for HTTP based challenges to listen on. Supported: interface:port or :port
|
||||||
|
-k, --key-type string Key type to use for private keys. Supported: rsa2048, rsa4096, rsa8192, ec256, ec384 (default "rsa2048")
|
||||||
|
--path string Directory to use for storing the data (default "/Users/gianluca/ProgrammingProjects/go/src/github.com/xenolf/lego/.lego")
|
||||||
|
-s, --server string CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client. (default "https://acme-v01.api.letsencrypt.org/directory")
|
||||||
|
--tls string Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port
|
||||||
|
--webroot string Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge
|
||||||
|
|
||||||
GLOBAL OPTIONS:
|
Use "lego [command] --help" for more information about a command.
|
||||||
--domains, -d [--domains option --domains option] Add domains to the process
|
```
|
||||||
--server, -s "https://acme-v01.api.letsencrypt.org/directory" CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client.
|
|
||||||
--email, -m Email used for registration and recovery contact.
|
For further help on a command:
|
||||||
--accept-tos, -a By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service.
|
```
|
||||||
--key-type, -k "rsa2048" Key type to use for private keys. Supported: rsa2048, rsa4096, rsa8192, ec256, ec384
|
|
||||||
--path "${CWD}/.lego" Directory to use for storing the data
|
$ lego renew --help
|
||||||
--exclude, -x [--exclude option --exclude option] Explicitly disallow solvers by name from being used. Solvers: "http-01", "tls-sni-01".
|
Renew a certificate
|
||||||
--webroot Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge
|
|
||||||
--http Set the port and interface to use for HTTP based challenges to listen on. Supported: interface:port or :port
|
Usage:
|
||||||
--tls Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port
|
lego renew [flags]
|
||||||
--dns Solve a DNS challenge using the specified provider. Disables all other challenges. Run 'lego dnshelp' for help on usage.
|
|
||||||
--help, -h show help
|
Flags:
|
||||||
--version, -v print the version
|
--days int The number of days left on a certificate to renew it.
|
||||||
|
--no-bundle Do not create a certificate bundle by adding the issuers certificate to the new certificate.
|
||||||
|
--resuse-key Used to indicate you want to reuse your current private key for the new certificate.
|
||||||
|
|
||||||
|
...
|
||||||
```
|
```
|
||||||
|
|
||||||
##### CLI Example
|
##### CLI Example
|
||||||
|
@ -106,7 +120,7 @@ If your environment does not allow you to bind to these ports, please read [Port
|
||||||
Obtain a certificate:
|
Obtain a certificate:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ lego --email="foo@bar.com" --domains="example.com" run
|
$ lego run --email="foo@bar.com" --domains="example.com"
|
||||||
```
|
```
|
||||||
|
|
||||||
(Find your certificate in the `.lego` folder of current working directory.)
|
(Find your certificate in the `.lego` folder of current working directory.)
|
||||||
|
@ -114,13 +128,13 @@ $ lego --email="foo@bar.com" --domains="example.com" run
|
||||||
To renew the certificate:
|
To renew the certificate:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ lego --email="foo@bar.com" --domains="example.com" renew
|
$ lego renew --email="foo@bar.com" --domains="example.com"
|
||||||
```
|
```
|
||||||
|
|
||||||
Obtain a certificate using the DNS challenge and AWS Route 53:
|
Obtain a certificate using the DNS challenge and AWS Route 53:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ AWS_REGION=us-east-1 AWS_ACCESS_KEY_ID=my_id AWS_SECRET_ACCESS_KEY=my_key lego --email="foo@bar.com" --domains="example.com" --dns="route53" run
|
$ AWS_REGION=us-east-1 AWS_ACCESS_KEY_ID=my_id AWS_SECRET_ACCESS_KEY=my_key lego run --email="foo@bar.com" --domains="example.com" --dns="route53"
|
||||||
```
|
```
|
||||||
|
|
||||||
Note that `--dns=foo` implies `--exclude=http-01` and `--exclude=tls-sni-01`. lego will not attempt other challenges if you've told it to use DNS instead.
|
Note that `--dns=foo` implies `--exclude=http-01` and `--exclude=tls-sni-01`. lego will not attempt other challenges if you've told it to use DNS instead.
|
||||||
|
|
Loading…
Reference in a new issue