Document updated haproxy deploy hook
This commit is contained in:
parent
6567bb4c12
commit
3a95bfb699
@ -258,15 +258,27 @@ acme.sh --deploy -d ftp.example.com --deploy-hook strongswan
|
||||
|
||||
## 10. Deploy the cert to HAProxy
|
||||
|
||||
You must specify the path where you want the concatenated key and certificate chain written.
|
||||
You must specify the file where you want the concatenated key and certificate chain written.
|
||||
```sh
|
||||
export DEPLOY_HAPROXY_PEM_PATH=/etc/haproxy
|
||||
export DEPLOY_HAPROXY_PEM=/etc/haproxy/server.pem
|
||||
```
|
||||
|
||||
You may optionally define the command to reload HAProxy. The value shown below will be used as the default if you don't set this environment variable.
|
||||
|
||||
```sh
|
||||
export DEPLOY_HAPROXY_RELOAD="/usr/sbin/service haproxy restart"
|
||||
export DEPLOY_HAPROXY_RELOAD="systemctl reload haproxy"
|
||||
```
|
||||
|
||||
You may optionally specify that the issuer certificate is transferred to "${DEPLOY_HAPROXY_PEM}.issuer". This is a requirement to support OCSP stapling in HAProxy. The value shown below will be used as the default if you don't set this environment variable.
|
||||
|
||||
```sh
|
||||
export DEPLOY_HAPROXY_ISSUER="no"
|
||||
```
|
||||
|
||||
You may optionally specify that you wish to support HAProxy's multi-cert bundle functionality. This allows serving of both RSA and ECC certificates on the same proxy. This adds a ".rsa" or ".ecc" suffix to the files generated (.pem, .ocsp and .issuer). The value shown below will be used as the default if you don't set this environment variable.
|
||||
|
||||
```sh
|
||||
export DEPLOY_HAPROXY_BUNDLE="no"
|
||||
```
|
||||
|
||||
You can then deploy the certificate as follows
|
||||
|
Loading…
Reference in New Issue
Block a user